Public Service Announcement: Ransomware

When I was young, someone said, “Use your brains for good, not for evil.” It might have been a teacher who said it, or my dad, or maybe it was God. Most likely it was God.

It was timely advice because some nights I would lay in my trundle bed and devise the perfect non-violent crime. Not because I was a budding criminal, but because I liked the challenge of figuring out every contingency in order to pull it off. In theory. I may have watched too many episodes of The F.B.I. Loved that Efrem Zimbalist, Jr.

But then someone told me to use my brains for good and not for evil. So I started thinking about God in my trundle bed.

Why am I telling you this?

I was talking to a guy who was the victim of a cyber-crime. On Monday almost all of the files in the entire network at his place of employment were locked down by a ransomware virus. It’s a new virus so a remedy hasn’t been developed by anyone reputable yet. The only fix available has to be purchased from the criminals who created the virus. So, in order to regain access to their files, the company had to pay a ransom of nearly $500.

Apparently, he said, a hospital in Hollywood paid $1,700 to get their files back.

How stupid are these criminals?, I thought, when you pay the ransom, the FBI will be able to follow the money to them.

Turns out they’re not stupid.  Turns out there exists a thing called bitcoins which can’t be traced.

The guy I was talking to learned all about them on Monday afternoon.

I read a comment thread on a post last week. One of the commenters appeared to be a young, computer savvy genius. Her comments opened my eyes to the fact that there are many young computer savvy geniuses just like her laying in their beds plotting the perfect cyber extortion crimes. And some of them are carrying them out.

In my new friend’s case, the fiasco began when one of his co-workers opened a file with “unpaid invoice” in the subject line.  Seemed reasonable to open it since her job is to pay invoices. Just not ransom invoices. To make matters worse, she left her computer on at the end of the day – which gave the virus the entire weekend to search and destroy.

All of his company’s files are backed up on a separate external hard drive and locked away off-site, so they would have been fine. They wouldn’t have needed to pay the ransom. The extortion attempt would have been foiled. But in a perfect bummer of a storm, the remote external hard drive just happened to be connected to the network last weekend to perform a scheduled back-up.

So consider this a public service announcement and back up your files to a cloud (until someone figures out how to ransom the cloud) and  back up your files to an external hard drive that is NOT connected to your network.

And turn off your computer at the end of the day. Especially on a Friday.

And don’t open any “unpaid invoice” unless you are absolutely sure.

I’m tempted to now start ranting about credit card chips – ‘cuz I have a lot of griping to do about them. But I won’t.

Snow is falling. Eight to ten inches are expected by tomorrow morning.