We have been reading so much about Isis and their despicable shenanigans, about Swiss leaks and stashed cash and now we are also regaled with the advance of Cryptowall, version three, mind you.

What you are about to read makes Isis look like a troop of amateur boy scouts and Swiss leaks like robbing a piggy bank.

What am I on about?

It is Cryptowall in its latest and most destructive version. This is a dastardly blackmailing program which is running wild in the IT world.

Never heard of it, I suppose. Well, read this carefully then. This is the ‘latest’ form of dramatically severe ‘ransomware’, the impact of which is increasing at an alarming rate.

And this nasty piece of work is directed at you… yes, you are the one and only unique target. Each and every computer user, be it personal or corporate.

It is a deeply malicious software that completely ‘damages’ all your computer data. It will also ask you for money to ‘fix’ this for you.

You will have seven days to do what ‘they’ (these organised hackers) tell you and, for those seven days, your cost will be €500 to get your data back.

When the first seven days are up, the ‘fee’ increases to €1,000.

The alternative is for you to kiss all your information, photos and data goodbye. Forever. Believe you me. Everything, with a capital E. And, by damage, I really, really mean total loss of the data found on your hard drive.

It will encrypt all your computer files, using highly-sophisticated and virtually unbreakable 2048bit encryption.

Consider this. It will take you about 10 lives (more than a cat) to be able to defeat the encryption. It is that sophisticated.

What happens? Well, in the unfortunate event that you do get ‘infected’, you will be presented with a file entitled ‘help_decrypt.htm’.

This refers you to two keys on your computer (without your knowledge, needless to say a ‘public’ key and a ‘private’ key.

These keys are unique to you and your computer. Yes, in the whole worldwide internet, these keys relate just to you and you alone.

With this euphemistically called ‘help file’ you will be directed to a link to let you know how to contact these merciless souls together with instructions on how you can resolve the situation.

Needless to say, after payment. From that point on, a clock appears on your system and starts a seven-day countdown. Sounds more like a high tech thriller than reality. Well, as they say, truth is stranger than fiction.

Within this ‘first’ seven-day ‘grace’ period you have to remit to them their ‘standard fee’ of €500. Miss the deadline and you are in the €1,000 fee bracket.

Beware a dastardly blackmailing program running wild in the IT world

The key is the only way you can communicate with these digital gangsters. If you somehow and stupidly enough delete the key – any one of them – you might as well forget it.

Game over. Your data is gone for good. Your only way out is to format the hard drive. If your Bios has not by now been infected, that is, but more of that later.

If your data is that important, you will have to follow a convoluted way to pay them.

For starters, however, you are asked to forward to them one of your now encrypted and unreadable files.

Anything as long as it does not exceed 500K. They will send this back to you unencrypted and in its proper readable format. This proves to you that they do mean business. Also, that they well and truly have access to all your data and which is now in their hands.

After settling the fee, your private key to decrypt your computer is released to you. Slowly, your data reappears in its proper readable format. You are meanwhile so much poorer.

There is no way (as of today) that you can get any of your data back outside of paying what you are asked.

The gangsters behind Cryptowall3 are using the TOR internet. This is more ‘popularly’ known as the ‘dark internet’.

Packets (communication data) is untraceable. It is the network on which the likes of drug smugglers and arms dealers operate clandestinely.

Anonymous transactions using digital currencies (much like bitcoin) is the medium you are asked to pay to get the key released to you. You do not know who you are paying, where they are on this planet, if a bank is involved and, if so, which and you certainly cannot get in touch with them.

In 30 years working in the computer business and with a penchant for digital security, I have never seen anything so malevolent, so untraceable, so effective and so incredibly sophisticated.

So how do you get ‘hooked’?

From what I know it seems that you are sent an innocuous ‘voicemail’ with an e-mail message.

Open it and you are doomed.

Often enough you are sent a normal e-mail message with a link. Click that link and away you go. Doomed. Your computer starts encrypting your files in the background without you realising it. It does slow down a bit but not that noticeable enough to alert you.

Before you know it, your programs will stop functioning. You are now at the complete mercy of these digital hijackers.

On another tack, it has also been brought to my knowledge that the so-called ‘phone call scam’ is again doing the rounds.

Users are receiving calls, out of the blue, from Indian-sounding parties asking questions about the computer and requesting users to give them remote access.

They ask you to let them download a piece of software onto your computer claiming you have some illegal software or whatever.

Again, sometimes you are ‘advised’ in ‘your interest’ to activate a link they send you. Thereafter your Bios gets locked and your computer will not boot.

These ragamuffins are more considerate as they only ask for €200. Mainly because if you know how, you can defeat their ‘lock’. It is complicated (no comparison with Cryptowall3, mind you) but still way above the standard user’s knowledge.

So you have been warned now.

The maxim? Don t open any e-mail you feel uncertain about. Even if it is coming from a friend. Contact the user who sent this to you and ask whether they had in fact sent it.

Before you even dream of opening the message, send a message enquiring beforehand. Treat all messages with any attachment suspiciously.

If you download films, music and whatever from torrent sites you need to be superhuman careful.

You are exposing yourself even more to these issues.

Don’t simply click yes, yes, yes if you are installing anything on your system. Read what you are being asked to confirm before you confirm whatever.

Ignore this advice and warning at your own risk.

Stephen Saliba is an IT consultant.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.