In the past year, malicious hackers have taken hostage databases of information from hospitals, police departments, public transit and libraries. This trend will continue, cyber security experts warn, and in 2017, attackers are now turning their sights on consumers.
“It is a billion dollar business,” said Darren Guccione, CEO of Keeper Security. “No one is safe.”
The crime is called ransomware. Cyber criminals send malicious software – disguised to look like a legitimate email or web link – to trick undcknowing consumers to click it. Once that happens, the attackers are able to lock up the device and encrypt its files until they receive payment.
Think of it as a modern-day digital ransom note. Up until now, computers were the hostage of choice, experts said.
“This is the first time I’ve seen this kind of malware on a television,” said Darren Cauthon, a software programmer.
On Christmas Day, Cauthon said a family member downloaded an app for free movies on her smart television. Within an hour, Cauthon said the TV froze and flashed a message from the FBI demanding a $500 payment.
“(The TV) could not be used for any other function, and there was no way around it,” said Cauthon.
He posted the predicament to Twitter and received an overwhelming response. Cauthon said the television manufacturer, LG Electronics, and its engineers were able to help unlock it by walking him through a factory reset of the Android-based TV.
“Data security and consumer privacy are top priorities at LG,” said LG spokesman John Taylor. “This particular model is one of a few LG TV’s from three or four years ago using the Google TV Smart TV platform. This appears to be a Google issue, not an LG issue.”
A Google spokesman did not address our request for comment on Cauthon’s experience.
“Ransomware is now mainstream,” Guccione said. “Our homes on average have ten Internet-connected items in them today. Whether it’s an alarm system, an automation system, a camera, a doorbell, a smart TV, a smart refrigerator…these objects are all endpoints and can be infiltrated with this type of malicious code.”
Guccione and other experts said ransomware is now more readily accessible to purchase in a pre-packaged format on the dark web, which makes it easier for inexperienced cyber criminals to carry out an attack.
Washington, D.C. Police disclosed that hackers planted ransomware in 70 percent of recorders for surveillance cameras, just days before President Donald Trump’s inauguration. The attack forced officials to temporarily take the devices office.
In late January, the Cockrell Hill Police Department in suburban Dallas sent a press release stating a ransomware attack on its server resulted in the loss of years-worth of evidence. The department did not pay the ransom.
“It is unknown at this time how many total digital copies of documents were lost, as it is also unknown how many videos or photographs that could have assisted newer cases will not be available, although the number of affected prosecutions should remain relatively small,” the release stated.
Last February, the Hollywood Presbyterian Medical Center paid $17,000 to hackers who took over its systems.
The Midlothian Police Department confirmed it paid hackers $600 to save data on an infected computer in February 2015.
The FBI does not encourage paying a ransom because it does not guarantee an organization will regain access to data.
In order to thwart an attack, the FBI and cyber security analysts said consumers should back up data to a secure source and get anti-virus software.
For smart televisions and computers, experts also recommend consumers should keep their operating systems current and install updates when prompted.
“You just have to be proactive and vigilant and self-aware of what you’re clicking on. Things have changed now. The game is completely different and chances are it could happen to you,” Guccione said.