A ransomware device named CryptoLocker encrypts users personal files and demands money for them to be unlocked. Whilst ransomware is not a new tactic in the cyber criminal world is has seen a stark resurgence in recent weeks.
What’s more, while you will no longer be able open, read or view your files, anyone with the decryption key could easily do so. That means any of your documents containing passwords or personal information, along with your photos and videos, could potentially be accessed by cyber-criminals – and although there is no evidence of encrypted files being uploaded or sold on for this purpose at the moment, it is theoretically possible. This could lead to a stark rise in identity theft.
CryptoLocker is not technically a virus but instead a sophisticated piece of software. Many people come under attack from visiting website or opening seemingly legitimate e-mails.
Ryan Rubin, MD of global risk consultancy Protiviti, says: “CryptoLocker has been designed to make money using well-known, publicly available cryptography algorithms that were developed by governments and other legitimate bodies. Unless you have the key, you simply cannot unlock the data that is encrypted.”
The malware downloads the public key on to your computer, but the private key is kept on the cybercriminals’ “command and control” servers and cannot be found or recovered on your computer.
The CryptoLocker is used specifically to make money for cyber criminal gangs. Users have been urged to not pay the ransom. The ransom is requested in bitcoin as the online currency is almost entirely untraceable.
This week Massachusetts police have admitted to paying a bitcoin ransom after CryptoLocker. Whilst no data was stolen the FBI are now investigating the infection of the police computers.