Dog charity pays ransom to hackers — and gets computer files back

Sharon McKeil is relieved to once again have access to all the computer files she uses to run her charity BARK. But it came at a cost.

“It just galled us to have to do this but we had to get our files back,” McKeil said from her home in Alta Vista, where she has run the foster care and adoption program for dogs for the past 15 years.

A month ago, the charity’s computer was infected by ransomware, a virus that spreads by e-mail attachments or compromised websites, encrypting the host computer’s files.

Instructions that appeared on McKeil’s screen demanded she pay the equivalent of $1,500 Cdn in bitcoins — untraceable internet currency.

Anonymous donor paid charity’s ransom

McKeil’s computer consultant, Chisel Cantwell, advised her that there was nothing he could do to break the encryption and that she would have to pay up if she didn’t want to lose 15 years’ worth of files.

“It’s kind of like someone comes up to you and puts a gun to your head,” Cantwell said. “You are probably going to give them your money.”

Cantwell did manage to contact the hackers on behalf of BARK. “I gave them a sob story that we couldn’t pay this much money,” he said. He also told them it was a charity for dogs.

To Cantwell’s surprise, the hackers responded and said they’d accept half the original demand.

After seeing CBC’s original story about the scam, an anonymous donor came forward offering to pay BARK’s bill.

McKeil said it’s the only way she would agree to the transaction.

“I could not morally take the money out of the BARK bank account, I just couldn’t do it,” said McKeil.

Within minutes of the ransom being paid, the hackers restored all the charity’s files.

“So you can call them criminals with a heart, but the emphasis is on criminals,” McKeil said.

Huge jump in ransomware scams

According to Mark Nunnikhoven of IT security firm Trend Micro, ransomware is all the rage among hackers right now, with a 20 per cent bump in infections in Canada over the past three months alone. Victims include not only charities and small businesses, but individuals as well.

“I normally hear the phrase, ‘I don’t have anything important that the hacker would want to steal,'” Nunnikhoven said. “Ransomware throws that out the door because the important thing about this is your data is important to you. So how much would you pay to get your family photos back?”

Since ransomware is impossible to trace and usually originates overseas, police say there’s little they can do to track and catch the hackers.

Nunnikhoven said it’s relatively easy to protect a computer from ransomware by installing anti-virus software and regularly backing up data on a separate device.

If your computer is infected, McKeil has some advice: “If you can live without the files, do it. Don’t pay if you don’t have to because you really are supporting these people.”


. . . . . . . .

Leave a Reply