20 Jan 2014
Craig Petronella, president of Petronella Technology Group, has seen three small businesses hit with the CryptoLocker since October, and each company has spent about $300 to save their data.
Petronella learned about CryptoLocker after Jerry Hall, who owns Total Systems Heating & Cooling in Spring Lake with his wife, Brenda, shared his concerns about a pop-up on his computer.
Petronella got into the Halls’ computer system and found instructions for making a payment. The pop-up also gave a deadline in which CryptoLocker would permanently encrypt all of the Hall’s files.
“It’s a ticking timer,” Petronella said. “And it’s counting down.”
FBI spokesperson Jenny Shearer wrote in an email that they advise against paying the ransom. Jarvis and Clarke agreed, pointing out that people are funding criminal organizations.
“Sometimes people have their back against the wall, and it is the data for their company for the last 10 years,” Jarvis said.
The Halls used USB hard drives as a backup system, Petronella said, which were also infected by the CryptoLocker because they were connected to the company’s server.
“It wiped me out completely,” Brenda Hall said. “If I didn’t pay the ransom, it would be thousands of dollars in reconstruction.”
CryptoLocker requires Bitcoin or MoneyPak, both untraceable forms of digital currency that can be obtained at major retailers.
Petronella paid the ransom with a $300 MoneyPak card he had purchased on behalf of the Halls.
Within about 20 hours, the hacker group sent the key to start the decryption process. The following day, Petronella found a note indicating the anti-virus program deleted the malware and stopped the decryption process.
“We thought we were going to have to pay again,” he said.
Read more here.