Wednesday, December 12, 2012

On being held to ransom . . . .

Mike is a worrier.  For 22 years, he has run his little accountancy practice, doing tax returns for people in the most careful manner.  No 'creative' accountancy gets done in Mike's office, it's all to the letter of the law and strictly by the book.  Still he worries about whether he's getting everything done okay.

He's not a whiz with technology but over the years has managed to acquire a computer system which, whilst not at all sophisticated, serves his needs.  He has a server on which his programs and data are stored, and PCs on his desks at the office connected to the server.  The system is protected by a firewall and virus protection.  He also has a laptop, which he uses at home to connect to the server so that he can continue doing tax returns for people when he gets home.

Approximately two and a half weeks ago, on a Sunday night, he tried to log on to the server from home here.  Once he was connected to the server, he got a strange looking screen which seemed to indicate that there was a problem with the server.  Not to worry, he thought, I'll save it for tomorrow when I get to the office.

His worst nightmare had just begun.

On the following morning, he sat at his desk and watched the program icons on his desktop disappear one by one.  Nothing worked.  His IT guy was called.  The server is not usually connected to a monitor but once this was done, the messages started arriving.

'Your computer has been locked.  Unless you do as instructed, authorities will be informed that we have discovered child pornography on your computer.

Every file on your computer has been encrypted using AES software.  You need a key to decrypt the files.  Don't bother trying to work out the key, it will take you more than a trillion years.

I, of course, have the key that will decrypt your files as I indeed wrote the program that has rendered your computer useless and your files scrambled.  Don't you trust me?  Send me a file, pick any file on your system and email it to me and I guarantee that I will send it straight back to you decrypted.  Because I am such a decent chap.

See, I told you so!  Now, let's talk about the rest of your files.  That key is going to cost you $4000US. It must be sent to me in a totally untraceable method, via Western Union and the criminal's choice, Liberty Reserve.  Email me when you have deposited the money and I will send further instructions so you can watch your money vanish.  By the way, the cost of the key is going to go up by $1000US per week if you dilly-dally.

Okay, I have your money, now here is the key.  (a jumble of approximately 50 letters, numbers, symbols).  Here are a few instructions about how to use the key, but if you have any difficulties, please email me and I will give you lots of assistance'.

That is by no means the exact wording of the ransom request.  Mike has now been effectively out of business for the last two and a half weeks, with 22 years worth of honest work completely jeopardised and no solution offered by anyone except to pay the money.

He has heard that approximately 500,000 computers worldwide have been similarly held to ransom, and that the whole sordid business is expected to get much worse before the charming perpetrator(s) are caught.  Every computer is at risk.

Merry Christmas to us.


  1. Replies
    1. Yes! He said it would and who are we to doubt this most honest and reliable scum of the earth. The decrypting of all the files took up most of the day and the rebuilding of the system went on into the night, Mike wanted to stay at the office so when everything was sorted, he could start a new backup. He ended getting home at 3am this morning, and was gone again by 8. I said 'nice of you to drop in, call in again some time!'