Ransom paid by police and law firms to hackers, says Calgary privacy expert
‘If it’s worth it to them to regain control of their information, absolutely they’re going to pay it:’ expert
The president of the Privacy and Access Council of Canada says it's not just individuals and small businesses who are shelling out to hackers who infect their computers with viruses.
"Police departments and law firms are very, very attractive targets and they pay quite often," said Sharon Polsky, a Calgary data protection and privacy expert.
"If it's worth it to them to regain control of their information, absolutely they're going to pay it," she said
At least two U.S. police departments have paid off cyberthieves after days of trying to decrypt locked systems and even the Calgary police has been targeted.
"It's not uncommon," said Staff Sgt. Ryan Jepson, with the electronic surveillance unit. "It's just so prevalent."
Ransomware is a form of malware or malicious software that seeks out files on your computer and locks them, making them inaccessible to you. Then, cybercriminals demand money — a ransom — to unlock your files.
The Kensington Wine Market did just that this week, shelling out $500 in bitcoin, a form of digital currency often used by hackers because it's difficult to trace.
- Bitcoin ransom demanded by hackers of Calgary wine store
- Ransomware victims pay cybercriminals to save family photos
"Often [they] do these exploits from outside North America in jurisdictions that Canada cannot reach so they can do it with impunity," said Polsky.
In 2015, the Calgary police received less than 50 reports of ransomware-related crime.
"But we know from global cybercrime reports that the occurrence rates are likely much higher. That's why we hope and encourage people to report this type of crime to the police — just so we can get a better handle on it," said Jepson.
Ransomware strikes again
Another small Calgary business was also hit recently with ransomware.
In November, the owner of the Noir Lash Lounge in Mission had her personal laptop infected after she opened an email attachment that she thought was a resume.
"I was rushing, which was my own stupidity," said Cheryl Mix. "I really just should have taken a minute, and slowed down."
After consulting with an IT expert, Mix decided not to pay the hacker a ransom.
"He said he could remove the virus and then have it usable again but.… It's never going to be 100 per cent. So I just ended up buying a new laptop."
While she did lose some documents and photos, Mix says luckily, the ransomware had not got to her most important files stored on her work computer.
'Pay and move on'
"Some of these ransomware programs are using extremely good encryption software," said Polsky.
So good, they can get through antivirus software — especially if you're not updating it daily, said Polsky.
While she says backing up your computer is "essential," it's not always cheaper to remove the virus and reinstall your files.
"It would take way too much time and money and resources to try to undo it yourself. You just pay it and move on."
While most companies have IT departments to stamp out these fires, Polsky says employees are not usually well trained.
She says it's important that companies educate their staff on how to spot fake emails because, often, that's how ransomware weasels its way into databases.
Along with that, teach staff how to identify what is a questionable website.
"Being a little bit suspicious is a healthy thing sometimes," said Polsky.