Hack Day: Held to ransom

Hacker

Criminals can extort money from you from the safety of their computer. Our hacker for the day Jonathan Swift (Swifty) explains how.

Take this seriously. Very seriously.

You will be seeing messages on all screens throughout your company. Unless you follow these instructions not only will all your key files be frozen and eventually destroyed but all of your clients will be attacked by us as well.

OOPs! Your important files are encrypted.

“If you are reading this message then most of your important files stored locally and on your servers are no longer accessible because we have encrypted them. If you think your IT department can recover them don’t waste your time. Nobody can recover the files we have encrypted without one of our decryption keys.

“We can give you keys to unlock all of your files and recover your data. All you have to do is send Bitcoins in a wallet to the address below.”

That’s the main thrust of the message people across this business are seeing this morning.

The solution is simple. To unlock every file affected you will need to pay 1.2 Bitcoins to unlock each and every file. That’s a lot of Bitcoins and a lot of money, believe me. We’ve locked down hundreds of files on your system. You don’t know which ones, which extensions we’ve targeted or which servers they are hosted on.

We know your response plan. Unleash a utility program to remove our ransomware. We are one step ahead of you. We know more about those hunter programs than you do. Our ransomware is so sophisticated that it covers its tracks, deleting key files in its wake in order to confound attempts to stop it.

Off site, cloud back-ups? Sounds good but we’ve been on your system for weeks already. Your back-ups are already infected. You didn’t spot us? Of course you didn’t as we are many, many steps ahead of you. Our encryption keys are generated offline and embedded into the malware before we initiate the attack.

Every locked file contains details of how to cough up to unlock it. Once you authorise the Bitcoin payment the file will be unlocked. The trail of where the dosh goes will be hidden, vanishing as soon as the money leaves your account. We’ve found a thousand different ways of moving the money through the cryptocurrency environment in seconds so don’t even waste your time thinking you can trace where your money has gone.

Any attempt to bring in the authorities will be immediately spotted by us. We will retaliate. Not only will the destruction of your files start immediately but we will flood social media with stories smearing your senior management. You won’t be able to stop it going viral. The videos are good, very good.

And if it gets nasty we can be very nasty. Car parks full of staff cars. Very vulnerable. How secure are your office buildings? We can test that for you.

The choice is yours. Lose your most important files, see your CEO dragged through the mud and spend weeks trying to restore your systems – or just pay us a few million pounds or dollars in untraceable Bitcoins.


What is the aim of Hack Day?

Insurance Age and Aviva believe that understanding cyber threats are mission critical to the success of brokers today. That’s why Insurance Age is hosting a full website takeover!

As part of the day our intrepid content editor Jonathan Swift (Swifty) is delving into the mind of a malicious hacker and highlighting exactly what they can do to damage your business and the business of your clients. He shows how four types of hack work and the impact they can have.

We also have a series of articles from Aviva’s head of SME, commercial insurance who explains how to counter the four types of hack and explains how brokers can protect themselves and their clients.

Throughout the day Insurance Age is also hosting a series of live presentations and panel discussions to highlight the latest thinking around cyber insurance and offer brokers the best insight into this dynamic world.

  • LinkedIn  
  • Save this article
  • Print this page  
blog comments powered by Disqus

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected].

You are currently unable to copy this content. Please contact [email protected] to find out more.

You need to sign in to use this feature. If you don’t have an Insurance Age account, please register now.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an indvidual account here: