Ransomware Hackers Are Borrowing Customer-Service Tactics, Say Experts

Advertisement
By Reuters | Updated: 13 April 2016 13:06 IST
When hackers set out to extort the town of Tewksbury, Massachusetts with "ransomware," they followed up with an FAQ explaining the attack and easy instructions for online payment.

After baulking for several days, Tewksbury officials decided that paying the modest ransom of about $600 was better than struggling to unlock its own systems, said police chief Timothy Sheehan.

That case and others show how cybercriminals have professionalised ransomware schemes, borrowing tactics from customer service or marketing, law enforcement officials and security firms say. Some players in the booming underworld employ graphic artists, call centers and technical support to streamline payment and data recovery, according to security firms that advise businesses on hacking threats.

Advertisement

The advancements, along with modest ransom demands, make it easier to pay than fight.

"It's a perfect business model, as long as you overlook the fact that they are doing something awful," said James Trombly, president of Delphi Technology Solutions, a Lawrence, Massachusetts, computer services firm that helped three clients over the past year pay ransoms in Bitcoin, the virtual currency. He declined to identify the clients.

Ransomware victims reported total costs from such attacks of $209 million (roughly Rs. 1,386 crores) in the first three months of this year, the FBI said, citing a tally of complaints it has received. That's up dramatically from $24 million (roughly Rs. 159 crores) for all of 2015.

(Also see:  New Generation of Ransomware Is Emerging)

Costs for victims, beyond ransom, can include large bills for technical support, consultants and security software.

Advertisement

In the December 2014 attack on Tewksbury, the pressure to pay took on a special urgency because hackers disabled emergency systems. That same is true of additional attacks on police departments and hospitals since then. But all sectors of government and business are targeted, along with individuals, security firms said.

Some operations hire underground call centers or email-response groups to walk victims through paying and restoring their data, said Lance James, chief scientist with the cyber-intelligence firm Flashpoint.

Advertisement

Graphic artists and translators craft clear ransom demands and instructions in multiple languages. They use geolocation to make sure that victims in Italy get the Italian version, said Alex Holden, chief information security officer with Hold Security.

While ransomware attacks have been around longer than a decade, security experts say they've become far more threatening and prevalent in recent years because of state-of-the-art encryption, modules that infect backup systems, and the ability to infect large numbers of computers over a single network.

Advertisement

Law enforcement officials have long advised victims against paying ransoms. Paying ransoms is "supporting the business model," encouraging more criminals to become extortionists, said Will Bales, a supervisory special agent for the Federal Bureau of Investigation.

But Bales, who helps run ransomware investigations nationwide from the Washington, DC office, acknowledged that the payoffs make economic sense for many victims.

"It is a business decision for the victim to make," he said.

Run-of-the-mill ransomware attacks typically seek 1 bitcoin, now worth about $420, which is about the same as the hourly rate that some security consultants charge to respond to such incidents, according to security firms who investigate ransomware cases.

Some attacks seek more, as when hackers forced Hollywood Presbyterian Hospital in Los Angeles to pay $17,000 to end an outage in February.

Such publicized incidents will breed more attacks, said California State Senator Robert Hertzberg, who in February introduced legislation to make a ransomware schemes punishable by up to four years in prison. The Senate's public safety committee passed the bill on Tuesday and sent it to the appropriations committee for further review.

Some victims choose not to pay. The Pearland Independent School District near Houston refused to fork over about $1,600 in ransom demanded in two attacks this year, losing about three days of work from teachers and students. Instead, the district invested tens of thousands of dollars on security software, said Jonathan Block, the district's desktop support services manager.

"This threat is real and something that needs to be dealt with," Block said.

The town of Tewksbury has also upgraded its security technology, but Sheehan says he fears more attacks.

"We are so petrified we could be put into this position again," he said. "Everybody is vulnerable."

© Thomson Reuters 2016

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Apps, Hackers, Internet, Ransomware
Advertisement

Related Stories

Popular Mobile Brands
  1. Xiaomi 18 Pro Max Prototype Leaked With Dual 200MP Cameras, 100W Charging
  2. Samsung Galaxy Z Fold 8 Series Could Ship With This Notable Display Upgrade
  3. Vivo Y500 4G Makes Global Debut With an 8,100mAh Battery: See Price
  4. Moto G77 Power Listing Confirms Key Specifications Before July 8 Debut
  5. Samsung Galaxy Z Fold 8 Series, Galaxy Flip 8 Price Leaked Ahead of Debut
  1. Apple Brings Back Card Payments for App Store and iCloud Transactions in India After Five Years
  2. Samsung Galaxy Z Fold 8 Series Tipped to Launch With a New Hinge to Minimise Display Crease
  3. Huawei Mate X8 Display, Camera Details Leaked Online; Mate XT 2 and Mate X8 Said to Launch With Kirin Processor
  4. Redmi Said to Be Working on 7-Inch 'Performance' Smartphone
  5. Bitcoin Trades Near Two-Week High as Crypto Investor Sentiment Improves
  6. iOS 27 System Prompt Reportedly Hints at Apple’s New Smart Wearable With Two Cameras
  7. Xiaomi Civi Series Discontinued With No Next-Generation Model Planned, Claims Tipster
  8. Apple’s Foldable iPhone to Hit Shelves Later Than Anticipated Due to ‘Manufacturing Challenges’, Analyst Claims
  9. Samsung Galaxy F70 Pro Bluetooth SIG Listing Suggests Its Launch Might Be Right Around the Corner
  10. iPhone Air 2 Design Leaked in New Renders That Point to Dual 48-Megapixel Cameras
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.