A new emerging cyber-threat  has been reported by antivirus and computer security vendors - installation of ‘ransomware’ on victims’ computers or servers which encrypts information on the affected machines and the subsequent demand of payment by attackers to release the information. The folks at Kaspersky Labs claim that they have seen an increase in ransomware but they deny that this problem has reached ‘epidemic’ levels. Among the main concerns is the increased encryption strength that has been noted over the past months - previously attackers used relatively weak encryption (56-bit) but recent ransomware has started using 660-bit encryption key, making any information recovery practically impossible.

A recent ransomware incident in Great Britain indicated the growing trend of ransomware attacks and the inability of law enforcement to deal properly with such incidents. Earlier this year, a Manchester woman unintentionally downloaded a trojan program which encrypted her files with a 30-character password and placed a note suggesting that she should not go to the police but instead buy pharmaceutical products in order to get the password and restore her files.

When she decided to report the incident to the police, her claim was met with shrug and an inadequate explanation by law enforcement,

We aren’t investigating the incident as it’s an Internet crime, and not within the GMP area — technically it’s international. Trying to find who did this it would be a monumental task. [statement by Greater Manchester Police spokeswoman]

Although the difficulties in tracking and prosecuting this case are enormous, it is very wrong for law enforcement to send the message that tracking the criminals is difficult or impossible. In groundbreaking and novel cases such as this one, law enforcement should put extra time and effort in making sure the trend stops, and not unintentionally encourage it.