Ransom paid by police and law firms to hackers, says Calgary privacy expert

The president of the Privacy and Access Council of Canada says small businesses, like the Kensington Wine Market, are not the only ones shelling out to cyberthieves to regain control of their computers.

‘If it’s worth it to them to regain control of their information, absolutely they’re going to pay it:’ expert

Security experts warn about ransomware — where computers are locked down by cyberthieves and money, usually in the form of bitcoin, is demanded. (Ryan Remiorz/Canadian Press)

The president of the Privacy and Access Council of Canada says it's not just individuals and small businesses who are shelling out to hackers who infect their computers with viruses.

"Police departments and law firms are very, very attractive targets and they pay quite often," said Sharon Polsky, a Calgary data protection and privacy expert.

"If it's worth it to them to regain control of their information, absolutely they're going to pay it," she said

At least two U.S. police departments have paid off cyberthieves after days of trying to decrypt locked systems and even the Calgary police has been targeted.

"It's not uncommon," said Staff Sgt. Ryan Jepson, with the electronic surveillance unit. "It's just so prevalent." 

Ransomware is a form of malware or malicious software that seeks out files on your computer and locks them, making them inaccessible to you. Then, cybercriminals demand money — a ransom — to unlock your files.

The Kensington Wine Market did just that this week, shelling out $500 in bitcoin, a form of digital currency often used by hackers because it's difficult to trace.

"Often [they] do these exploits from outside North America in jurisdictions that Canada cannot reach so they can do it with impunity," said Polsky.

In 2015, the Calgary police received less than 50 reports of ransomware-related crime.

"But we know from global cybercrime reports that the occurrence rates are likely much higher. That's why we hope and encourage people to report this type of crime to the police — just so we can get a better handle on it," said Jepson.

Hackers demanded $500 in bitcoin, a form of digital currency, to unlock the computer files of the Kensington Wine Market in Calgary. (Andrew Ferguson)

Ransomware strikes again

Another small Calgary business was also hit recently with ransomware.

In November, the owner of the Noir Lash Lounge in Mission had her personal laptop infected after she opened an email attachment that she thought was a resume.

"I was rushing, which was my own stupidity," said Cheryl Mix.  "I really just should have taken a minute, and slowed down."

After consulting with an IT expert, Mix decided not to pay the hacker a ransom.

"He said he could remove the virus and then have it usable again but.… It's never going to be 100 per cent. So I just ended up buying a new laptop."

While she did lose some documents and photos, Mix says luckily, the ransomware had not got to her most important files stored on her work computer.

'Pay and move on'

"Some of these ransomware programs are using extremely good encryption software," said Polsky.

So good, they can get through antivirus software — especially if you're not updating it daily, said Polsky.

While she says backing up your computer is "essential," it's not always cheaper to remove the virus and reinstall your files.

"It would take way too much time and money and resources to try to undo it yourself. You just pay it and move on."

Be prepared

While most companies have  IT departments to stamp out these fires, Polsky says employees are not usually well trained.

She says it's important that companies educate their staff on how to spot fake emails because, often, that's how ransomware weasels its way into databases.

Along with that, teach staff how to identify what is a questionable website.

"Being a little bit suspicious is a healthy thing sometimes," said Polsky.

Comments

To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.