The employees of an ayurveda company in Amritsar recently came to the office to find themselves locked out of their computers. Try as they might, they were unable to log in. Their usernames and passwords had been rendered null and void. When the company’s IT team investigated, it found that the main server had been hacked and locked.
Through a cryptic message, the cyber criminals let it be known that if the company wanted to retrieve its data, it would have to pay a ransom in the form of bitcoins, the digital currency, at its current exchange rate.
This is not the first such case of “digital kidnapping” that has been reported in India. Advocate Prashant Mali, a cyber law expert from the Bombay High Court who prefers to use the term digital “extortion” instead of “kidnapping”, says there are many such incidents across the country.
Ransomware was also used on Maharashtra government computers and the data was encrypted, he says. Among the victims whose cases he has handled or is handling are chartered accountants, lawyers and other professionals whose computers were encrypted and an amount of up to $500 demanded. Financial organisations and web service providers are among others who face similar attacks.
Be cautious about unsolicited attachments. Cyber criminals rely on your dilemma of whether or not to open a document. If in doubt, leave it out.
Don’t give yourself more login privileges than you need, and don’t stay logged in as an administrator any longer than is strictly necessary. Also, avoid browsing, opening documents or other unnecessary activity while you have administrator rights.
Mali also advises against enabling macros in document attachments received via email. “Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure,” he says. “A lot of malware infections rely on persuading you to turn the macros back on; so don’t do it.”
Consider installing the Microsoft Office Viewers. These viewer applications let you see what the documents look like without having to open them in Word or Excel. In particular, the viewer software doesn’t support macros at all, so you can’t enable macros by mistake.
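One way a mail administrator could flag macro-carrying attachments before anyone opens them, shown as an added example that is not part of the original article. It relies on the fact that modern Office files are ZIP containers that store VBA macros in a part named vbaProject.bin; the function name, result labels and sample files are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container


def classify_attachment(data: bytes) -> str:
    """Return 'macros', 'legacy-unknown', 'no-macros' or 'not-office'."""
    if data.startswith(OLE_MAGIC):
        # Old binary formats can carry macros; this check cannot rule them out.
        return "legacy-unknown"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [n.lower() for n in zf.namelist()]
    if "[content_types].xml" not in names:
        return "not-office"  # a ZIP, but not an Office Open XML document
    # Macros live in vbaProject.bin regardless of the extension the sender
    # chose, so a .docm renamed to .docx is still caught here.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "macros"
    return "no-macros"


def build_sample(parts):
    """Constructed sample: an in-memory ZIP holding the given part names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in parts:
            zf.writestr(name, b"constructed sample content")
    return buf.getvalue()


# Constructed sample attachments (not real documents).
SAMPLES = {
    "clean.docx": build_sample(["[Content_Types].xml", "word/document.xml"]),
    "renamed-docm.docx": build_sample(
        ["[Content_Types].xml", "word/document.xml", "word/vbaProject.bin"]),
    "legacy.doc": OLE_MAGIC + b"\x00" * 504,
    "notes.txt": b"plain text, constructed sample",
}

if __name__ == "__main__":
    for label, blob in SAMPLES.items():
        print(f"{label:20} -> {classify_attachment(blob)}")
```

Attachments classified as `macros` or `legacy-unknown` are the ones to quarantine or open only in a viewer that does not run macros.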
So, what is digital or cyber extortion?
Malware, or malicious software, such as Locky or CryptoLocker is sent to the target computer in the form of an email. Once this malware is downloaded onto the computer, it encrypts the hard disk — that is, it makes the files on the hard disk unreadable. The data then appears only as indecipherable characters such as $#··*($&.
The victim is able to access only one jpg (picture) file. “This jpg file contains the instructions to pay the ransom in the form of bitcoin or any other cryptocurrency,” says Mali. Once you pay up, the hard disk might be decrypted, making the data accessible again. However, cautions Mali, there is no guarantee that the data will be restored, as many novice hackers buy ransomware from the dark web and many a time they are themselves duped by sellers who do not provide them the decryption key.
Anyone who does not follow basic security practices, who clicks links found in unknown emails or who downloads files received from unknown senders is vulnerable to digital extortion.
A cyber criminal can target anyone — an individual or a company — whose security is weak or who is negligent. So, the importance of keeping a recent backup copy off-site cannot be stressed enough.
“There are dozens of ways, other than ransomware, that files can suddenly vanish, such as fire, flood, theft, a damaged laptop or even an accidental delete,” says Mali. Encrypt your backup and you won’t have to worry about the backup device falling into wrong hands.
In case of a cyber attack, retrieve the data from the backup or visit an anti-virus website such as Kaspersky that has a database of decryption algorithms.
So far, the police across India have not cracked a single case of digital extortion, which is a multi-million-dollar business with international cartels involved, says Mali. Since the money is paid in bitcoin, the attackers are virtually untraceable.