PCeU arrests three suspected ransomware blackmailers

The UK Police Central e-Crime Unit (PCeU) has arrested three people in connection using ransomware, which security experts say poses a threat to businesses as well as consumers.

The UK Police Central e-Crime Unit (PCeU) has arrested three people in connection to using ransomware, which security experts say poses a threat to businesses as well as consumers.

Ransomware is malicious software that is inadvertently downloaded and infects the victim's computer.

It dupes computer users into believing they are subject to a police enquiry in an attempt to extort money from them.

Once infected, the computer suddenly stops working and a holding screen, known as a "splash page", is displayed. The splash page features police logos usually including that of the Metropolitan Police Service (MPS) or the PCeU and purports to be an official notice from these organisations.

It states that the victim's online activities have been monitored by police and that they have been identified as committing offences online. They are instructed to pay a fine, usually £100 by electronic payment, to restore their computer.

PCeU officers based at the MPS and North West hubs, assisted by colleagues from Staffordshire Police,  arrested a 34-year-old man and 30-year-old woman from Stoke on Trent on suspicion of conspiracy to defraud, money laundering and possession of items for use in fraud.

They arrested a 26-year-old man, also from Stoke on Trent, on suspicion of conspiracy to defraud. All three are currently in custody at a Staffordshire police station.

Detective Inspector Jason Tunn, from the PCeU, said: "The arrests shows we are determined to combat this type of crime. I remind all computer users that police do not use such a method to impose or enforce fines, so if you are confronted by such a page do not enter any of your details. Call police on 101."

Cybercriminals in the US are also adopting this tactic, using the FBI’s logo to trick and then defraud computer users.

“With more people waking up to the realities of spear phishing and other methods of attack on their data – ransomware is looking like the next logical step in social engineering,” said Paul Davis, director of Europe at security firm FireEye.

“Though it is arguably a scam targeted at consumers, ransomware can easily find its way onto the corporate network – paving the way for larger-scale attacks against organisations,” he said.

With employees increasingly browsing social networking websites and opening email attachments from strangers, Davis said they are fast becoming a real threat to IT security.

“It takes just one person to click the wrong link for malware to infect the entire system. The information that is harvested and held to ransom can then be sold on to other hackers who really know how to use it,” he said.

According to Davis, the only way to ensure the most robust protection for the corporate network without imposing a blanket ban on personal internet use, is for organsiations to have comprehensive security system across the whole IT estate.

“It’s been said time and time again that traditional perimeter solutions are not strong enough to fight the calibre of threats that we are seeing today, and advanced security tools must be used to protect all potential vectors of attack,” he said.

Read more about Ransomware.

Ransomware variant works on Windows 8, Symantec says

Polymorphic ransomware tops malware charts

New ransomware encrypts files, demands $120

Ransomware and computer blackmail viruses: a history

Has ransomware made a comeback?

Read more on Hackers and cybercrime prevention