“Your personal files are encrypted by CTB-Locker. Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer.”
Wow, there’s a screen you never want to see on your computer monitor, but there it was, screaming at me in bold red letters surrounded by a yellow border. I’d heard of this sort of extortion before, but this encounter, in 2014, was the first time I’d seen it face-to-face.
“Private decryption key is stored on a secret Internet server,” the ransom note continued, “and nobody can decrypt your files until you pay and obtain the private key. You only have 96 hours to submit the payment. If you do not send money within provided time, all your files will be permanently crypted and no one will be able to recover them.”
I knew from previous studies that this ransom note, no matter how poorly worded, was not kidding around. My customer had brought me this computer, hoping against hope that I could somehow defeat this sort of Internet crime and free their files, which included important financial spreadsheets and other personal items. I was not looking forward to this attempted rescue, for I knew the threat of losing the files forever was as serious as a heart attack.
CTB-Locker and other forms of “ransomware” have been making the rounds on the Internet for a few years, but the Internet bad guys stepped up their attacks in 2013-14, making ransomware one of the biggest problems of the modern Internet. If you’re still wondering “why do people do these things,” consider this: one ransomware variant called CryptoLocker generated nearly $30 million in about 100 days for online crooks. Clearly, ransomware is big business for the Internet crime cartels.
The latest generations of ransomware are also targeting smartphones and tablet computers, holding them hostage and rendering them useless unless the owners pay up. Even then, there is no guarantee that paying the ransom will actually move the bad guys to free your computer or phone; odds are, it won’t, as once they have your money, they couldn’t care less what happens to your digital device.
The methods used to deliver ransomware are not new, though. Clicking the wrong link to watch a hot new video, opening the wrong email attachment, visiting a malicious or hacked website or installing the wrong piece of software can, as with the viruses of the past, lead to an unhappy ending: a smartphone or computer held hostage, and probably rendered useless for good.
“Careful where you click” remains the best advice for avoiding ransomware. Always download software, particularly updates, directly from the manufacturer, rather than from third-party websites. For example, if Adobe’s Flash Player needs to be updated, the only place to get it is the source: adobe.com.
The other major defense you can deploy is training yourself to read everything on your screen, rather than blindly clicking “Next” or “OK.” Anytime something appears telling you to do something, take your hands off the keyboard, step away from the device and ask yourself, “What is this? Where did it come from? Who put it there? What does it say? Should I do what it says, or not?”
Finally, back up your devices, including computers and smartphones. If you do, and disaster strikes, you will not have lost your important information. Think about it: if your cell phone were rendered useless, would you be able to call anyone for help? Do you even know anyone’s phone number, or do you depend on your phone to provide it?