Opinions

What to do when a cybercrook locks your computer and demands a ransom

In our ever-evolving digital age, crooks are getting smarter, swifter and slipperier. Hackers readily adapt to and overcome the best technological defenses we can mount. One of the biggest and most effective schemes is making the rounds in Alaska: a version of computer and network intrusion called ransomware.

Ransomware is a computer virus that allows criminals to invade a computer's system, encrypt its files and lock the user out, leaving you helplessly staring at what essentially amounts to the dreaded blue screen of death (although it can be any color or background) until you pay whatever ransom they demand. Generally, the ransomer asks to be paid in bitcoin, a digital currency. On today's market, one bitcoin is worth about $425.

"We have seen a dramatic increase. We are getting calls daily to help people," said William Walton, the supervisory special agent for the cyber/counterintelligence division of the FBI's Anchorage field office. "Once it takes hold, you are out of luck."

In January 2015, the University of Alaska posted an example of a screen locked by ransomware on the homepage of its information technology department.

The demand explains what has happened and what you need to do to fix it (pay), gives you an urgent timeline and threatens to raise the price if you don't meet it. The crooks also offer customer support to help walk you through the process of paying the ransom. If they didn't, their business model would fall apart.

"It does cost money in terms of the effort we must go through to restore data from backups if possible, and also with time spent looking into how it happened and what to do next," said Pat Shier, director of the university's IT department. According to Shier, ransomware infections at the university are rare. The only specific case he could recall came from a staff member's personal computer. But that doesn't mean the bad guys aren't trying hard to get your money.

"A week doesn't go by when we don't get an alert from one of our staff or faculty that they have a suspicious email," Shier said, which makes vigilance an important front-line defense against backdoor break-ins. "Data security is everybody's job every day," he said.

According to Walton, ransomware victims across the United States have already lost $209 million this year. "That's up dramatically from $24 million for all of 2015," reported Reuters in its own story on ransomware published earlier this week.

Read the FBI's fact sheet on ransomware and how to protect yourself.

"We've run into this ransomware quite a bit. When people fall for this stuff, basically it is a race against time. Software generally starts encrypting the local machine and then spreads to the network," said Myron Davis, an analyst and programmer for the state.

"Falling for it" means getting duped by a type of cyberswindle known as spear phishing, which, as the name suggests, is meant as a precise strike. The hijackers learn just enough about a company, a school or a social circle to send out emails that look legitimate and sound as though they came from someone you know or from a place with which you might do business. The emails often ask you to click on a link, which is the "gotcha" part of the scam -- as soon as it's clicked the linked malware starts its crime spree, making its way onto your computer and beyond.

If ransomware -- also known as cryptolocker or locker -- takes hold, recovering your data and preventing the malware's spread to your friends, family and co-workers becomes a race against time.

If the FBI is notified right away, they might be able to recover encrypted files or at least the most important ones without paying the ransom, Walton said. For victims who don't have data backed up or secured elsewhere, it can be a real dilemma: Lose your stuff or pay up.

"We don't pay the ransom. Everything is backed up," Davis said, explaining that state of Alaska computers and systems are backed up every 15 minutes, every hour, every week and every month. His team also deploys robust intrusion detection systems, which so far have been able to track down and thwart potential threats in real time. "Essentially the most you will lose is 15 minutes," he said.

As recently as February, First National Bank of Alaska took the proactive approach of posting an urgent warning on its homepage about ransomware. FBI warnings and informal reports of local businesses falling victim prompted the fraud alert, said First National's Randy Wilkinson, information security manager, and Mike Mason, assistant vice president, who said the bank itself has not had any problems. "We want our customers as well as the community at large to know what the risks are. There are victims in our state and we are a statewide bank," Mason said.

Some businesses go ahead and pay the fee. But increasingly, the FBI is asking victims not to give in.

"Paying the ransom is no guarantee that you are going to get your devices unencrypted. You are left with no data and no money," Walton said.

But there's another, more troubling reason to resist the urge to fund the quick fix.

"There is high confidence that the money is landing in the hands of criminals and terrorists," Walton said.

The bottom line? Be suspicious. Unplug the device if you think it's infected. Carefully scrutinize any emails that are written in poor English, are oddly informal or unusually urgent, or contain phrases like "Hey, look at this." Don't click on unverified links. Delete anything that looks suspicious and notify your business's tech people right away.

It's cliche, but the old adage still applies: The best defense is a good offense.

Jill Burke is a longtime Alaska journalist writing from the center of a busy family life. Her father swore by "Burke's Law No. 1 -- never take no for an answer." Meaning, don't give up in the face of adversity. The lesson stuck. Share your ideas with her at jill@alaskadispatch.com, on Facebook or on Twitter.

The views expressed here are the writer's and are not necessarily endorsed by Alaska Dispatch News, which welcomes a broad range of viewpoints. To submit a piece for consideration, email commentary(at)alaskadispatch.com. Send submissions shorter than 200 words to letters@alaskadispatch.com.

Jill Burke

Jill Burke is a former writer and columnist for Alaska Dispatch News.