Knaves Are After a King’s Ransom

There are times in which March really does blow in like a lion. Take, for example, March 1, 1932. On that day, Charles Augustus Lindbergh, Jr., 20-month-old son of famous American aviator Charles Lindbergh, was kidnapped, beginning one of the most infamous criminal cases in American history. During the search of the Lindbergh home a ransom note demanding $50,000 was found. The note was the first of many.

FBI Director J. Edgar Hoover entered the case, announcing the FBI would support the New Jersey State Police in investigating the kidnapping. As a point of interest, the Superintendent of the New Jersey State Police at the time was Colonel H. Norman Schwarzkopf. If the name sounds familiar, it’s because H. Norman was the father of H. Norman Schwarzkopf Jr., perhaps better known as “Stormin Norman,” commander of coalition forces during the Persian Gulf War.

Sadly, the Lindbergh kidnapping ended tragically for the child. Some 18 months after the kidnapping an arrest was made, due largely to tracing the $20 gold notes used to pay the ransom.

The practice of ransom goes back countless centuries. According to Plutarch, in 75 BC, Julius Caesar was captured by Sicilian pirates. He was said to have told the pirates that the ransom they were demanding was far too small, he was worth much more. Whatever the fact of its origins it’s clear that we have entered a far more sophisticated era. Now, cyber criminals employ ransomware to extort money from victims around the world. In one recent notorious example, two weeks ago Hollywood Presbyterian Hospital paid $17,000 in ransom to regain control of its network, which had been held captive for 10 days, essentially paralyzing their system and disrupting their ability to do business. Ransomware is a type of malware which disables the functionality of a computer by restricting access to it in some way. Then, it demands a ransom.

Writing in Digital Trends, Chris Stobing described the experience of being victimized by ransomware thusly, “You wake up one day, rub the sleep out of your eyes, and boot up your laptop. Expecting to see a Twitter feed or Facebook profile, instead you’re greeted with a big red image, demanding that if you don’t pay $200 to an unknown party in the next 24-hours, everything you know and love on your computer will be erased, and gone forever.”

The FBI has warned that the use of ransomware is rapidly rising. Similar warnings abound. Last fall the Federal Financial Institutions Examination Council warned financial institutions about the increasing “frequency and severity of cyber attacks involving extortion.” One of the significant challenges associated with ransomware is that the ransom is not paid in traceable $20 gold certificates. Payment generally is made through digital currency Bitcoin or a form of electronic currency transfer.

The best way to guard against being victimized is to have good security software and to follow good security practices. Here’s hoping your March is a breeze.

By Tom Davis, SDI Cyber Risk Practice
March 1, 2016

active