The city of Durham withstood two computer viruses in the last week that try to lock files and hold them for ransom.
Hackers used "ransomware" in the attacks, and the virus is a growing concern in cyber security.
“It’s still not super common, but once you’ve got it, there’s not a whole lot of recourse for getting your data back except for paying the ransom unfortunately,” said Pam Guidry-Vollers, a software specialist at The Computer Cellar.
The software is similar to a Trojan horse virus where the "ransomware" gets into a user’s computer without his or her knowing. However, "ransomware" takes it a step further and encrypts data, making it unreadable without the key to translate it. In order to recover one’s files, a user often has to pay a ransom in the form of a MoneyGram card or bitcoins, two untraceable payment methods.
Guidry-Vollers said hackers often ask for $400-700 in ransom for the files, but they also usually give a window of 24-72 hours. If the user hasn’t responded in the timeframe, the ransom increases.
Guidry-Vollers advises people to pay for the ransom, even though it encourages hackers. She said people have to consider how important the data is that could be lost to hackers. But for companies, schools and government agencies, it could be vital to their business.
One California hospital recently paid $17,000 to recover its files, and the FBI is investigating.
“I think that the FBI and other government agencies would not be weighing in on this sort of thing if it was not becoming a serious threat,” Guidry-Vollers said.
The attacks on the city of Durham computer system did not affect sensitive data but rather files such as word documents, spreadsheets and PowerPoints. Kerry Goode, director of the city’s technology solutions department, said these were the first "ransomware" attacks to infect Durham’s files. But although the data was encrypted by hackers, but the city had proper backup systems in place.
“With adequate backups and when backups are done right and best practice, the risk is very low,” Goode said. “But if you have backups you simply rewrite your information back to your production drives and you’re back in business.”
Goode said the Durham city council and city manager have taken cyber security very seriously in recent years. They’ve approved his requests to beef up protection services including multiple anti-spam and firewall layers.
Guidry-Vollers said "ransomware" has been around for about three years, but they’ve grown more sophisticated and harder to circumvent.
“The difference will be if people just make it a habit to copy their data somewhere other than their computer as soon as they save t to their computer,” Guidry-Vollers said. “It’s almost a situation where the onus falls on each of us as individuals. If more people start doing that sort of thing regularly, then this particular threat will not get too much further.”
