POSTED BY MARTIN KICH
In an article for the San Diego Union-Tribune, Gary Robbins reports:
“Los Angeles Valley College in Valley Glen said it paid $28,000 in bitcoins to the hackers, who had used malicious software to commandeer a variety of systems, including key computers and emails.
“’It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost,’ the college said in a statement last week.
“The college was hit by so-called ransomware, which encrypts computer files. The hackers then send the victims a message offering to undo the damage if a ransom is paid. . . .
“’The key phrase in the L.A. Valley ransomware story is that they had no other choice but to pay since they lacked a back-up (system). Ransomware is not an act of God,’ said Jonathan Sander, vice president at the Los Angeles-based company Lieberman Software.
“’In most cases, it can be prevented by being careful with email and phishing attacks or remediated by having good back-ups. You have to pay ransomware attackers when you have no way to get back the data they lock up,’ he added.
“’Of course, to maintain good back-ups, an organization needs good I.T. staff and equipment. Neither is free. Schools, especially big-city schools, don’t tend to have the money for that. And when they get stuck with big ransomware payouts, then they have even less money for their mission.’”
In an earlier story providing a broader look at the issue, Robbins reports:
“’It’s entirely possible that [in 2016] we’ll have far in excess of $1 billion in losses’ worldwide related to ransomware, said Special Agent Chris Christopherson, who investigates cyber crimes out of the FBI’s field office in San Diego. . . .
“At least 190 types of ransomware currently exist, experts said. Once a malicious link is clicked, the virus encrypts the files on a person’s computer and freezes the home screen.
“Victims then receive a message saying they have to pay a fee to regain control of their hijacked computers. In most cases, the ransom must be paid in bitcoins, a comparatively new international form of digital currency that’s hard for banks and law enforcement to trace.
“The FBI said every hour, about 4,000 computers around the world become infected with ransomware. . . .
“O’Boyle has seen the attacks evolve. ‘In the bad old days, the same person who attacked you would write the software and send you the malicious email. Now, there are professional software developers who build the solicits that trick you,’ he said. ‘They sell the software to hackers, who also buy email lists and operate the servers needed to handle the traffic,’ he added. ‘They can buy the software and lists on the underground — the (alternate online network known as the) dark web. These “franchisees” hire young, energetic, persistent sales and support people to do the rest of the work.’
“There’s particular concern about a recent innovation in ransomware, said Reg Harnish, chief executive of GreyCastle Security, a firm based in Troy, N.Y.
“There are new variants that offer to decrypt infected victims’ computers as long as they are willing to infect someone else” on their list of contacts, Harnish said. That can create a moral dilemma for the affected consumers and businesses.”
The complete text of the first article by Robbins is available at: http://www.sandiegouniontribune.com/news/science/sd-me-college-ransomware-20170110-story.html.
The complete text of the second article by Robbins is available at: http://www.sandiegouniontribune.com/military/cybersecurity/sd-me-cyber-ransom-20170108-story.html.