Heads in the sand?

From Sgt Steve Smith, Mackay District Crime Prevention Unit
Having been happily typing away on the Mackay district police blog since November 2013, I’m a little nervous to say that this is the first time I’ve blogged for anybody else. I’ve taken the first step and started pounding the keyboard – so let’s go.

Our work in the crime prevention office requires us to frequently engage with the community at a face to face level. We do this often delivering presentations on a variety of topics (road safety, online safety, drug education and awareness, security audits etc). After the presentations have been delivered we are often invited to stay behind for a chat, coffee/tea… and, when we are lucky – food (how I’ve maintained my weight over the last few years puzzles me). It’s in these informal chats that our eyes and ears are wide open.

We haven’t had to listen that hard to sync in to what’s happening around our community. I’ll lead you into the topic with what is a cool yet troubling word – ransomware.

The name gives it away, but let me tell you exactly how it works. Ransomware is one of the leading forms of cyber-crime which has become extremely prevalent in Australia and around the globe. Mackay residents are also feeling the pinch. Here’s how it works:

  • the ransomware virus is introduced to your system (business/home/tablet/laptop or smart-phone) through an infected email or a “pop-up” style message that you respond to.

  • the virus decrypts everything on your system, turning it into gobbledygook that makes no sense.

  • the virus is designed to give you (the victim) a message. It will tell you in a number of ways (depending on where the malware originated from) that you have lost access to all of your data. You can get it back by using the unique encryption key which they provide… but hey, it costs money to access this key. A timer will be linked to this message… it’s counting backwards to zero.

  • when the timer hits zero… you lose your information permanently and the offer to access the encryption key is gone. Permanently.

Let’s put this into perspective. If the information you lose is privately owned and not sensitive, you could expect to pay a relatively small amount of “ransom” to reclaim it. It’s your money the criminals want, not the information as such. But when you operate a business of any size or you have private and sensitive data lost – you are in a whole different ball-game. We know globally ransom amounts being demanded are rapidly increasing, and the cyber criminals are being smart about who they target.

In Australia, we have learned that health organisations and legal firms are our most over-represented ransomware targets. Why? The information which is hijacked is far more sensitive… meaning it is has higher value. Ransom demands are much more significant when this is the case.

I would never share the identities of the victim organisations which exist in the Mackay district – but I can tell you that we have no shortage of them. You would not know this from checking our statistics as many victims choose not to report the incident – even if they lose both money and sensitive information.

This is concerning. From the perspective of the criminal, if you are operating a high return, low risk scheme – are you likely to change the way you do business? Not likely. Ransomware is here to stay until we change the way we respond to it. If you fall victim to the virus, and many of you reading this article will, I encourage you to report the matter to the Australian Cybercrime Online Reporting Network, otherwise known as ACORN. This is the first and easiest step to holding the criminals accountable!