Hugh Pickens writes:
Alina Simone writes in the NYT that her mother received a ransom note on the Tuesday before Thanksgiving. “Your files are encrypted,” it announced. “To get the key to decrypt files you have to pay 500 USD.” If she failed to pay within a week, the price would go up to $1,000. After that, her decryption key would be destroyed and any chance of accessing the 5,726 files on her PC (all of her data) would be lost forever. “By the time my mom called to ask for my help, it was already Day 6 and the clock was ticking,” writes Simone. “My father had already spent all week trying to convince her that losing six months of files wasn’t the end of the world (she had last backed up her computer in May). It was pointless to argue with her. She had thought through all of her options; she wanted to pay.” Simone found that it appears to be technologically impossible for anyone to decrypt your files once CryptoWall 2.0 has locked them, and so she eventually helped her mother through the process of making a cash deposit to the Bitcoin “wallet” provided by her ransomers and she was able to decrypt her files. “From what we can tell, they almost always honor what they say because they want word to get around that they’re trustworthy criminals who’ll give you your files back,” says Chester Wisniewski.
The peddlers of ransomware are clearly businesspeople who have skillfully tested the market with prices as low as $100 and as high as $800,000, which the city of Detroit refused to pay. They are appropriating all the tools of e-commerce and their operations are part of “a very mature, well-oiled capitalist machine,” says Wisniewski. “I think they like the idea they don’t have to pretend they’re not criminals. By using the fact that they’re criminals to scare you, it’s just a lot easier on them.”
I don't think it will help much if she resists paying. Maybe it's cynical, but by paying she makes the loss through insecure systems quantifiable. We just need a hotline to collect information of victims and how much they actually paid. Consider the following headlines:
To me the first headline sounds like a credible reason to increase spending on security improvements, the second sounds like some people whining and exaggerating. Maybe it has to get worse before it gets better. (I don't like the criminals earning money either, but I also don't think it's the mother's task to heal the world.)
An interesting angle to view the matter from. I agree that the former would provide some valuable insight into just how effective ransomware actually is; it's definitively preferable to the security sensationalism that plagued many tech sites in recent years.
I'm not so sure that the situation getting worse would in itself lead to an improvement though, no matter how bad things could get - taking into account just how humble most malware was just 20 years ago (it was usually much more destructive, I'll give it that) to the BIOS-patching, HDD sector masking incarnations of TDSS that're out there today.