Commentary — Cyber-attack victim recounts ordeal

Out of curiosity, I unwisely opened an email apparently from myself in my spam folder. Google translated a message in Italian, claiming that its writer had watched me for months and that opening the message had activated a timer. If I didn’t pay 250 euros into a specified Bitcoin account within 48 hours, all my contacts would be sent a video of me watching a porn site, reportedly displayed on my screen. That area was blank, as I do not visit such sites and I wouldn’t know where to get Bitcoins anyway. The writer claimed that a “Trojan Virus” gave them full access and control over my computer and any devices attached to it.

They could see everything on my screen, turn on the camera and access all my contacts and correspondence. They later demonstrated this while I was writing a business letter by changing the characters I typed into different ones with foreign accents. They explained how their malware made regular changes to my antivirus programme’s driver to prevent it being detected and threatened me against submitting a complaint somewhere because “I do not make mistakes!” Googling the “Bitcoin address” provided brought up sites about the song “Somebody’s Watching Me.”

Elections

Those of us with long memories can recall rumours of impropriety swirling round various politicians at different times and can imagine the effect such blackmail threats might have on anyone seeking re-election. My smart phone was taken over by a more playful hacker, like a jumbie, who seemed delighted in teasing me: like letting me press the entry code on the phone, then visibly displaying its numbers.

My overnight struggle with the intruders was both nerve-wracking and exhausting. The desktop was permanently in safe mode, and I was prevented from doing anything that would allow me to escape the hacker’s grasp, like changing my login or reinstalling Windows. In securing our laptops and other devices, I discovered the hackers must have used Windows’ provision for a home computer user to be able to operate as if at the office or school, to control my account remotely.

I must commend the speed and efficiency with which the detective from the Royal Virgin Islands Police Force Intelligence Department responded to my call for help. He cleared the malware from my phone and desktop, reinstalled Windows 10 on it, and is now investigating my report.

Beacon editorial

On May 25, 2017 the Beacon raised concerns about ransomware in an editorial titled “VI should get serious about cyber security.” The piece followed a worldwide ransomware attack, but hackers had operated here for years before that. Shortly after the Computer Misuse and Cybercrime Act 2014 was passed, Google warned me of suspicious activity on my personal computer. Two RVIPF “cybercrime specialists” visiting me after I reported the intrusion were sympathetic but just told me to tell them if it re-occurred. I had to change my email address, but still get daily error messages regarding the old one.

A year later, Google stopped apparently the same hacker(s) from getting into my email and gave me their IP address and the district near Road Town it covered, but LIME’s customer services agent (in Jamaica?) insisted that they could not locate hackers from an IP. When I asked for the RVIPF “cybercrime specialists,” I was transferred to an officer in East End who once worked for LIME. He advised me to take a printout of Google’s email to LIME’s office, where someone could trace the hacker.

LIME’s IT specialist merely recommended changing my password and only reluctantly agreed to investigate Google’s email. When I followed up my enquiry, nobody at LIME knew anything about it and the office was reorganised into one geared more to taking money for equipment, top-ups and bill-payments than providing customer service.

Data breach

MyHeritage, a family history programme, had recently reported a data breach, but was unclear of its seriousness. However, on Jan. 17 security experts had reported the discovery of the largest collection of breached data in history: more than 770 million email addresses and passwords posted to a popular hacking forum in mid-December, from many different individual data breaches and thousands of sources.

One expert commented, “If you’re one of those people who think it won’t happen to you, then it probably already has. Perhaps your personal data is on this list because you signed up to a forum many years ago you’ve long since forgotten about, but been using that same password all over the place.” This warning underlines the need for password managers like Dashlane — which store a random, unique password for every service — rather than endure the nightmare I experienced.

After installing the latest version of Windows 10 on my laptop, I found that it protects folders against malware by default. I would encourage everyone using it to let it update to the latest version, which has protection against ransomware and other malware pre-installed.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.