While all the world’s attention has been on the Target credit card breach, 2013 should be remembered instead for a different threat that emerged – namely the Cryptolocker virus. For those of you who hadn’t heard of it, when the Cryptolocker virus gets onto a PC it goes out and encrypts the data (both locally and on the network) and prevents you from accessing it. Once the data is encrypted, you have 72 hours to pay a fee to get the keys to unlock the data. After the 72 hours the keys are lost and the data is locked forever.
This type of virus – dubbed “ransomware” – is not really a new thing. What has made Cryptolocker much more of a threat is the fact that once your data is encrypted it can’t be unlocked; you must either pay the ransom to get data access back or you need to restore the files from backup. Earlier types of ransomware would encrypt the data, but the encryption algorithms were weak and the data could be easily recovered. With a much higher “success rate” of encrypting the data, the power of this virus cannot be overlooked.
When people have complained to me about the amount of viruses, malware and spam that are out there my explanation has always been the same – it’s a big business. While other viruses and spyware have been money makers, Cryptolocker has shown just how big the business can be. The creators of Cryptolocker used Bitcoin as their method of payment, primarily for the ability of the transactions to stay off the grid. The other challenge that it creates is the efforts to calculate just how much money these folks have taken in given that value of Bitcoin fluctuates on a daily basis. One set of researchers (see the story here) puts the ransom haul at $27,000,000 – let me say that number again, $27,000,000. Still think these viruses are just a nuisance?
I said at the start of this post that I feel that Cryptolocker is a much bigger deal than the Target breach. Here’s my rationale – if someone gets your credit card and makes unauthorized charges, then the credit card can (and is legally bound to) wipe these charges off. But Crytolocker begs the question – what’s your data worth? If you get infected and your data wasn’t backed up, it’s gone unless you pay for it. How do you place a value on that?