Ottawa

Dog charity's website held hostage by untraceable ransomware

Sharon McKeil is warning others to be vigilant after her charity's website and her computer's files were held hostage by hackers using what's known as ransomware.

Hackers demand $1,500 ransom for Sharon McKeil's files

Sharon McKeil of BARK says her website has been compromised by ransomware. (Steve Fischer/CBC)

All Sharon McKeil wants is her website back.

McKeil runs the Bytown Association for Rescued Kanines (BARK) out of her home, providing foster care and adoption services for abused or abandoned dogs.

Recently, however, the computer she uses to run the organization's website turned on her.

A robotic voice suddenly announced that BARK's "documents, photos, databases and other important files have been encrypted."

McKeil's computer had been compromised by what's known as ransomware: a type of malware that gets into the computer either through an email attachment or by the user accidentally clicking on a compromised website.

$1,500 ransom demanded

The instructions on her computer originally demanded that she pay a ransom of $500, through the untraceable internet currency bitcoin, or risk losing all of her files. After seven days, the ransom went up to $1,500.

McKeil was devastated.

"[The malware] encrypted all my files, all my BARK files and BARK photos for the last 15 years," she said.

The ransomware also made it impossible to update the site, McKeil said, meaning BARK couldn't add photos of recently found dogs or receive messages from people wanting to adopt.

McKeil contacted computer consultant Chisel Cantwell to see if he could fix the problem.

Chisel Cantwell of Action Computer Services says ransomware has become more prevalent and sophisticated. (Steve Fischer/CBC)

While ransomware has been around for a decade, there has been a recent upswing in its use, Cantwell told CBC News. He said he's been called in by several companies in the past few weeks to try and de-bug computers that have been compromised.  

Recent versions of ransomware, Cantwell said, are getting harder and harder to crack.

"In this case there is no recovery software.  The only recovery software is what the thieves have and you have to buy it from them. So to me, this is the most malicious virus that you can get," Cantwell said.

Police admit they can do little 

Police say ransomware usually originates overseas and is difficult if not impossible to trace, so there's little they can do except warn people to make backup copies of their hard drive. 

Sgt. Paul Batista of the Ottawa Police Service's computer forensics unit says prevention is the best defense.

"If you back up your computer, once you reset you can go back to the last known good copy of what's on your system," Batista said.

Sgt. Paul Batista of the Ottawa Police Service's computer forensics unit says there's little police can do to catch cybercriminals who use ransomware. (Steve Fischer/CBC)

Cantwell has been able to rebuild the BARK website so that it functions again, although all of its historical data is still encrypted.  

The charity says it can assure its supporters that they can't get the virus by going on the website.

Now, McKeil has to decide if she will pay the ransom. According to most of the computer specialists she's consulted with, companies who've accepted the ransom demands end up getting their files back, McKeil said.

"So we are between a rock and a hard place," she said. 

now