Ransomware threat rising

When law enforcement is paying ransoms to the bad guys, you know you have a serious problem: In this case, it’s sophisticated viruses known as ransomware. Police departments have been among the victims of what some technology-security firms say is a growing threat to Internet-reliant businesses nationwide.

“Ransomware is becoming more prevalent,” said Eric Shorr, president of Secure Tech Future Solutions in Warwick. “We’re starting to see it on a regular basis. … A couple [of businesses] have had to pay the ransom.”

Most of the firm’s 100 clients are small businesses, he said.

Ransomware includes viruses such as CryptoLocker, CryptoWall, and KEYHolder. Typically, an employee’s click on an emailed file launches the virus, which encrypts data, rendering it useless. The ransom is often a few hundred dollars for a key that unscrambles and restores the data.

- Advertisement -

“The basic protections you get don’t cut it anymore,” said Raymond Calore, president of BCI Computers of West Warwick.

According to The Boston Globe, viruses compromised two Massachusetts police departments and others in Illinois and Tennessee to pay to recover scrambled data. The Tewksbury and Swansea departments in Massachusetts had to pay ransoms of $500 in 2014 and $750 in 2013, respectively. Police chiefs in those towns could not be immediately reached for comment.

BCI recently restored data for Providence Business News, which was attacked by a variant of the Crypto virus in late March. Backing up data separately from a company network aided recovery and no ransom was paid.

While only a handful of his clients have been attacked, Calore now recommends a more sophisticated unified threat-management firewall, which costs $2,000 or more.

PBN Publisher Roger Bergenheim acknowledges it was a close call.

“Our whole business is reliant on the Internet so if our information gets corrupted, until we can re-create it or use the backups, we’re out of business,” Bergenheim said.

In Rhode Island, State Police Det. Sgt. John C. Alfred, who heads the state’s Cyber Disruption Team, knows of one local police department he declined to identify that suffered a ransomware attack recently but did not have to pay out.

The viruses do not seek out particular companies or individual home networks, but attack randomly, relying on users to click on email message links or attachments that launch the virus, Alfred said.

Shorr said his company went from dealing with ransomware attacks once or twice in 2014 to six times through mid-April of this year.

“We had an attorney’s office hit, a nonprofit, an environmental lab,” he said. “It crosses all industries. No one’s immune.” •

No posts to display