BCBusiness

(aBovE) pEtEr holst octoBEr 2016 BCBusiness 23 intrusive software, or malware, that prevents a user from inter- acting with Žles, applications or systems until a ransom is paid— drew attention to a threat that has increasingly plagued busi- nesses and individuals around the world. According to recent reports by the Canadian Cyber Incident Response Centre and the RCMP, cybercriminals are frequently targeting institutions, hospitals, dentists and law Žrms. Wisniewski, who dropped out of high school at 15 and started hacking computers in the '80s ("when it was interest- ing and legal"), has followed the progress of shadowy ransom- ware perpetrators since the Žrst documented incident in 1989. Then, Joseph L. Popp, an American biologist, distributed a …oppy disk to people who believed they were getting information on AIDS. The disk infected computers with a virus, locking Žles, and users were instructed to send $189 to an organization in Panama to receive another disk that would decrypt their Žles. In 2006, "fake anti-virus programs" started circulating. A message would tell the user that viruses had been found on the computer, and if they paid up, it would be cleaned out. The current iteration of ransomware began in 2013, this time aided by the anonymous digital currency Bitcoin. Now, I n June, the University of Calgary fell victim to a cyberattack, in which its email server was encrypted and millions of Žles were locked. An unknown person or organi- zation demanded $20,000 ransom, and the university paid up. There were 1,800 faculty involved in the breach, facing the potential loss of valuable research. According to one Vancouver security expert, the university's decision is unfortu- nate but understandable. "Encryption works," says Chester Wisniewski, a researcher in the Vancouver o'ce of global Internet security Žrm Sophos Ltd. "The criminals that are doing it properly, they're doing it the same way as we're doing it commercially, or the govern- ment is doing it. There's no undoing it—you either get the keys from the criminal, or your Žles are gone." University of Calgary's expe- rience with ransomware—an Please Release Me ransomware is holding com- puters hostage across the world. For many businesses, the choice is clear: lose files or pay up by Marcie Good TECHNOLOGY 79% Share of B.C. residents who will buy extra Halloween candy so they can eat the leftovers themselves 15.8% Share of Canada's confectionary manufacturers located in B.C. $215 Annual per-household spending on candy and chocolate in B.C. says Wisniewski, the cyberfraud perpetrators run their scams like a business. They price test, sending out various versions of a malware with diŒerent prices to see what the market will bear, and seem to have arrived at a "sweet spot" between $300 and $500. They seem to con- tract their services, as the same messages ("We attempted to deliver a package to your home. Please open the attachment…") often appear with diŒerent viruses. They have service- oriented instructions about where to Žnd Bitcoin ATMs and tech support oŒering live chat. Wisniewski warns people to back up their Žles, use anti-virus software, keep all programs and operating systems updated, and warn employees about open- ing suspicious attachments. "If you've got three or four diŒerent protections running and they're all 80 to 90 per cent successful, then you've mini- mized your risk," he says. "But anybody that tells you they have a solution is lying. These are hard problems to solve." sourcE: ostErman rEsEarch According to a survey of 540 companies across the U.S., Canada, U.K. and Germany, nearly 40% have experienced a ransomware attack in the year ending Aug. 2016 of all attacks origi- nated from email 46% Health care and †nancial services were the leading industries attacked, well above the average rate $ On gUaRD Sophos's Chester Wisniewski 79%

• Cover