When David Keam鈥檚 Manitoba mattress store was cyberattacked, he treated his ransomware hacker like a salesman.
鈥淗e鈥檚 trying to make a sale. How hard is he willing to work for that sale?鈥 Keam told CTV Winnipeg.
The 鈥渙pening bid,鈥 as Keam called it, was a demand for 0.6 of a Bitcoin, which worked out to about US$6,500. To regain access to the Best Sleep Centre鈥檚 computer server, Keam negotiated with the hacker. He managed to work him down to US$2,000.
It鈥檚 just the latest example of Canadians getting hit by 鈥渞ansomware,鈥 which allows a hacker to lock a computer and hold its data hostage.
Last month, the Town of Wasaga Beach to regain access to one of its servers and planned to make additional transactions for access to two others. Also in May, there were attempts to extort BMO and CIBC-owned Simplii, hacks that compromised the information of . Those banks have a policy not to pay random demands, but that鈥檚 not always the case for smaller institutions. In 2016, the University of Calgary paid $20,000 to unlock its computer systems.
鈥淭his is a highly profitable business,鈥 said Caleb Barlow, vice president of IBM Security in Boston, Mass. Cybercrime costs the global economy an estimated US$445 billion each year, he added, quoting a figure from the .
Getting the data back is difficult once files have been encrypted, said Tim Robinson with the Winnipeg-based computer consultant company Prophet Business Group. 鈥淭he only way to decrypt them is either to restore them from a backup, or pay the ransom,鈥 he said.
Experts suggest computer users avoid opening suspicious links and attachments.
鈥淭he idea is to try to trick the victim into running a malicious piece of code,鈥 Jerome Segura, a senior malware intelligence researcher at San Jose-based Malwarebytes, told The Associated Press last year after a major cyberattack that hit hospitals, companies and government agencies. 鈥淭he age-old advice is to never click on a link in an email.鈥
Though malware often infects computers through those 鈥減hishing鈥 scams, Winnipeg mattress store owner Keam believes he became vulnerable to the ransomware attack by using an older version of Windows on his server that needed upgrading. He鈥檚 since updated the company鈥檚 software.
With a report from CTV Winnipeg鈥檚 Jon Hendricks and with files from The Associated Press