The hack attack that takes your computer hostage till you pay
WILLIAM BRANGHAM: Inna Simone is retired, a mother and grandmother from Russia who now lives outside of Boston. Last November, her home computer commenced acting strangely.
INNA SIMONE: My computer was working terribly. It was not working, I mean, it was so slow.
WILLIAM BRANGHAM: A few days later, while searching through her computer files, Inna spotted dozens of these messages — they were all the same. They read: “Your files are encrypted. To get the key to decrypt them, you have to pay $500 dollars.” Her exact deadline — December 2nd at 12:48 pm – was just a few days away.
All her files were locked — tax comes back, financial papers, letters — even the precious photos of her granddaughter zoe. Inna couldn’t open any of them.
INNA SIMONE: It says, “If you won’t pay, within one week or whatever, your fine will dual. If you won’t pay by then, all your files will be deleted and you will lose them forever and never will get back.
WILLIAM BRANGHAM: Inna Simone — like hundreds of thousands of others — had been victimized by what’s known as a “ransomware” attack. Hackers — who law enforcement believe come mainly from eastern Europe or Russia — manage to put malicious software onto a victim’s computer, often via an email attachment or a compromised website. That software then permits the hackers to lock up your files — or your entire computer — until you pay them a ransom to give it back. Ransom requests have ranged from a few hundred dollars to several hundred thousand.
Justin Cappos is a computer security experienced at Fresh York University.
JUSTIN CAPPOS: It will actually lock you out of the files, the data, on your computer. So you’d be able to use the computer but those files have been encrypted by the attacker with a key that only they wield. It’s frustrating because you know the data is there. You know the files are there. You know your photos and everything is there and could be accessible to you. But you have no way of being able to get at it because of this encryption that the attackers are using.
WILLIAM BRANGHAM: Inna was panicked. Computer technicians were no help. She didn’t want to call the police… her spouse at very first said don’t pay the ransom, but she wished those files back.
In their ‘ransom note’, the hackers wished to be paid in bitcoin — the largely untraceable digital currency — and have it put into their anonymous account. Inna had never heard of bitcoin, but the hackers, in one of their many touches of what you might call ‘customer service,’ provided all sorts of helpful facts and links and how-to guides about bitcoin.
Alina Simone is Inna’s daughter.
ALINA SIMONE: If you see the ransom note you can see, oh, they attempt to reassure you about bitcoin. We have got screen shots or here is a link to some kind of a guide that talks you through the entire process, and here’s a list of providers with a little kind of yelp-like reviews next to each one that kind of explain their strength and weaknesses. It’s amazingly sophisticated.
WILLIAM BRANGHAM: After days of debate, Inna determined to pay. She sent a money order to a bitcoin seller, but it was Thanksgiving, and a enormous snowstorm hit Boston, which meant the check only arrived the afternoon before her deadline. And, in that delay, bitcoin’s exchange rate had switched, and now her check didn’t cover the utter $500 ransom – it was about $13 brief. Her last resort was this bitcoin ATM machine in Brooklyn, NY — conveniently not far from her daughter Alina’s apartment.
ALINA SIMONE: It’s very kind of spooky looking ATM. It has no buttons. It just had a slot that you feed your money into.
WILLIAM BRANGHAM: Tuesday afternoon, the utter ransom was sent to the hackers account. But it was two hours late. Inna added one brief message with her payment.
INNA SIMONE: I wrote: “I wish you all will drop dead.”
WILLIAM BRANGHAM: The F.B.I. doesn’t have accomplish data on how often these attacks occur. Computer security researchers estimate close to a million users have been hit globally during the last year. One tech stiff estimates that more than a quarter of victims pay the ransom, which cyber security experts discourage because they don’t want to encourage more hacking.
And it’s not just individuals who get hit: hackers have hit several local police stations. We heard of law firms being targeted. Even the city of Detroit had its data held for an 800,000 dollar ransom by hackers. The city didn’t pay.
SUPERINTENDENT TERRY VAN ZOEREN: When you think of a technology hack, you think of data or files that are being demolished, or taken, ransomware, I learned, doesn’t work the way.
WILLIAM BRANGHAM: Last month, Terry Van Zoeren had to learn all about ransomware when his southern Fresh Jersey school district got hit. Hackers compromised the entire district’s computer system — causing problems with hard drives via the system: administrators’, those in the classrooms, the computers that processed kids’ lunch payments, even the standardized tests that were going on when the hack occurred.
SUPERINTENDENT TERRY VAN ZOEREN: We had to shut down student testing for a number of days until we got control of the PCs. And there were 100s of PCs in the district.
WILLIAM BRANGHAM: Van Zoeren said the hackers demanded five hundred bitcoin, which at the time was about $128,000 dollars in ransom. School officials didn’t pay (there’s obviously no ensure paying up gets your data back.) Instead, they called the local police. School officials says no student or parent data was stolen, and after a costly, elaborate rebuilding of their network, they were able to get back up and running.
NYU computer scientist Justin Cappos says hackers go after such seemingly puny targets because they’re pretty effortless: victims often inadvertently download the viruses themselves by clicking on those email attachments. Besides, he says, the risks of getting caught are low, and if you cast a broad enough net, you’ll get something.
JUSTIN CAPPOS: When you go fishing, you don’t attempt to catch every fish in the ocean. You only wanna catch some. And if you catch enough of them, then it’s been a profitable journey for you.
WILLIAM BRANGHAM: When her mom got hacked, Alina Simone — who’s a journalist by day — did some research into ransomware for a lump she wrote for the Fresh York Times. She says it’s alarming how organized and effortless it is to carry out these kinds of attacks.
ALINA SIMONE: There are people making viruses, selling viruses. There are distributors whose specialty is distributing viruses. These perpetrators, they don’t have to know a line of code. They can just buy a virus and then hire a distributor and send it out. And it’s kind of just an off the shelf, you know—
WILLIAM BRANGHAM: Wow. Buttplug and play corruption.
ALINA SIMONE: Right. And so that’s sort of the scariest thing that, just one person can just pull out all of this chaos and malice on the world with very little effort.
WILLIAM BRANGHAM: Her mom’s story, however, wasn’t over. Inna had paid the hackers $500 — but rather than releasing her files as promised — they sent her this message. It said “You did not pay in time for decryption.” Reminisce, she’d paid two hours late — now the hackers doubled the ransom to $1000, gave her another deadline, and said if she missed this one, they’d delete everything.
INNA SIMONE: If you won’t pay by then, all your files are gone forever.
WILLIAM BRANGHAM: Using a message board the hackers provided (another customer-friendly touch) Inna pleaded with the people she’d previously told to ‘drop dead:’ “We had a snowstorm” … “It was a holiday” and lastly: “I am only two hours late!”
INNA SIMONE: So very first I sent them about all these obstacles and the fact that I was only two hours late and this is indeed harsh.
WILLIAM BRANGHAM: Did this feel strange that you’re attempting to communicate to a group of criminals — who knows where they are in the world — telling “You don’t understand… the post office, the snow, Thanksgiving, the long weekend…” I mean you must’ve felt–
INNA SIMONE: But what else? I mean, this is the only option. It’s either this or nothing.
WILLIAM BRANGHAM: You didn’t think it would work.
INNA SIMONE: Absolutely not.
WILLIAM BRANGHAM: But later that day, the hackers released her files in utter.