Hackers target prized photos

Online cyber criminals deleted an Auckland couple's computer files, including precious photos and videos of their children, and demanded a ransom of $750 to restore them.

The pair - parents of children aged 6 and 9 - were victims of the so-called "CryptoWall 3.0 ransom-ware", a malicious virus which infected their desktop computer in July and is part of what NetSafe says is a rapidly growing problem.

The father, a computer programmer who asked not to be named, told his family's story of loss and recovery ahead of today's release by computer protection company Symantec of its annual Norton cyber-security report, an online survey of more than 17,000 adults, including 1001 in New Zealand.

The survey found only 45 per cent of Kiwi participants always use a secure password, defined as a mix of at least eight letters, numbers and symbols, and many share sensitive passwords with family and friends.

The Auckland man isn't sure how the virus got on to the computer, but suspects it was from a dodgy email or website that appeared legitimate.

"We didn't even know we had it. It was on our machine for quite a few weeks before we even noticed anything was untoward. It was only when we were trying to play some music files that we realised we couldn't. That was because [the malware] had actually removed the original file and then encrypted ... a new copy of that file that was unplayable; we couldn't run it using any application at all."

There were also new files that directed the victims of the virus to a site which explained that to obtain the encryption key to unlock their files they must pay the equivalent of $750 in bitcoin digital currency. On top of that, the ransom would double if not paid within a week.

The man searched online without success for a solution, until he contacted NetSafe, which pointed him to the website bleepingcomputer.com, where he found free software which, after a 12-hour "deep scan", enabled the recovery of deleted files. This retrieved about 80 per cent of the data, including most of the family photos and small video clips.

"If I couldn't have done that ... I don't know what I would have done, whether I would have paid or not.

"When you have really personal photos and videos - which you don't have any copies of - of your children when they are growing up that are irreplaceable, it really pulls your emotions, your heart-strings."

He said the attack made him extremely angry at the criminals who unleashed the virus.

The man said the computer's anti-virus software had lapsed at the time of the attack and although many of the family images were also stored on other memory devices, he had not backed up the computer's files regularly.

NetSafe digital project manager Chris Hails said ransom-ware was an increasingly common problem.

"In the last 18 months it has been the number one issue for us."

Fifty cases were reported to NetSafe last month.

"There were 40 cases of Android ransom-ware in the last week alone."

The typical demand was for $300, but he had dealt with a business that was told it must pay $12,000 to retrieve its data.

NetSafe and the police told people not to pay ransoms.

"If you pay you are encouraging criminals to keep doing that business model. You don't know if it will work and if you pay it can mark you out for being a future target."

Instead, people should regularly update their devices' software, use an up-to-date anti-virus programme and back up files on usb memory sticks or hard drives or to remote "cloud" storage services.

Cyber safety tips

• Choose secure passwords for each online account.

• Delete emails from unknown senders.

• Don't click on links or attachments in suspicious emails.

• Regularly update your device's software.

• Use an anti-virus programme and keep it up-to-date.

• Back up files on separate memory devices and to online file storage services.

• Report cyber crime to theorb.org.nz.

- by Martin Johnston of the New Zealand Herald 

Add a Comment