Dog charity's website held hostage by untraceable ransomware
Hackers demand $1,500 ransom for Sharon McKeil's files
All Sharon McKeil wants is her website back.
McKeil runs the Bytown Association for Rescued Kanines (BARK) out of her home, providing foster care and adoption services for abused or abandoned dogs.
Recently, however, the computer she uses to run the organization's website turned on her.
A robotic voice suddenly announced that BARK's "documents, photos, databases and other important files have been encrypted."
McKeil's computer had been compromised by what's known as ransomware: a type of malware that gets into the computer either through an email attachment or by the user accidentally clicking on a compromised website.
$1,500 ransom demanded
The instructions on her computer originally demanded that she pay a ransom of $500, through the untraceable internet currency bitcoin, or risk losing all of her files. After seven days, the ransom went up to $1,500.
McKeil was devastated.
"[The malware] encrypted all my files, all my BARK files and BARK photos for the last 15 years," she said.
- Bitcoin ransom demanded by hackers of Calgary wine store
- Ransomware victims pay cybercriminals to save family photos
The ransomware also made it impossible to update the site, McKeil said, meaning BARK couldn't add photos of recently found dogs or receive messages from people wanting to adopt.
McKeil contacted computer consultant Chisel Cantwell to see if he could fix the problem.
While ransomware has been around for a decade, there has been a recent upswing in its use, Cantwell told CBC News. He said he's been called in by several companies in the past few weeks to try and de-bug computers that have been compromised.
Recent versions of ransomware, Cantwell said, are getting harder and harder to crack.
"In this case there is no recovery software. The only recovery software is what the thieves have and you have to buy it from them. So to me, this is the most malicious virus that you can get," Cantwell said.
Police admit they can do little
Police say ransomware usually originates overseas and is difficult if not impossible to trace, so there's little they can do except warn people to make backup copies of their hard drive.
Sgt. Paul Batista of the Ottawa Police Service's computer forensics unit says prevention is the best defense.
"If you back up your computer, once you reset you can go back to the last known good copy of what's on your system," Batista said.
Cantwell has been able to rebuild the BARK website so that it functions again, although all of its historical data is still encrypted.
The charity says it can assure its supporters that they can't get the virus by going on the website.
Now, McKeil has to decide if she will pay the ransom. According to most of the computer specialists she's consulted with, companies who've accepted the ransom demands end up getting their files back, McKeil said.
"So we are between a rock and a hard place," she said.