The CEO of a Belfast business centre has issued a stark warning to other businesses after being “held to ransom” by cyber criminals.
Computers were rendered unusable and business ground to a halt during the hack at the Townsend Business Centre earlier this month.
Locked screens displayed a sinister message demanding three ‘bitcoins’ in return for the safety of some files.
But the centre’s CEO, Maragret McMahon, said they had a “lucky escape”.
“We refused to pay the money, which we have been told would equal about £13,000 and reported the hack to the police,” Ms McMahon said.
What is Bitcoin?
Bitcoin is a crypto-currency – a system of digitally created and traded tokens to which value is assigned.
Computers have to solve cryptographic problems in order to add blocks to the blockchain – a ledger that records every transaction that has ever occurred with Bitcoin.
In return, those computers receive bitcoins in a process known as bitcoin “mining”.
Users have a “bitcoin address”, to which bitcoins may be sent or from which they may be used.
Addresses are stored online in wallets that function like bank accounts.
Although most people refer to Bitcoin as a currency, it is worth noting that for regulatory reasons many countries – including the United States – have decided to define it as a commodity instead.
“Thankfully we were able to recover almost all of the information lost and our servers were restored within three days.
“The important thing to note is that we didn’t have any specific vulnerabilities, but these criminals are incredibly intelligent.
“They could have been round the corner in Belfast or they could have been in Taiwan – we just don’t know.”
The business centre became aware of the hack on Wednesday 5th October and reported it to police who were able to advise what to do next.
David Crozier, from Queen’s University’s Centre for Secure Information Technologies, said these kinds of attacks are “increasingly common”.
“Cyber criminals often demand to be paid in bitcoin as they believe it is an anonymous means by which they can be paid – but they are wrong,” he said.
“Lots of people wouldn’t think twice about buying physical security for their building such as alarms and heavy gates – but they are leaving themselves exposed to criminals online by not having the correct protection.
“We believe many of these crimes are going unreported and businesses are simply paying up – this is absolutely the wrong thing to do because the hackers will keep coming back for mopre.
“Our advice is to act just as the Townsend centre did and make the PSNI aware.”
The PSNI have said that an investigation is underway after the ransomware demand.
Det Chief Insp Dougie Grant, from the PSNI’s Cyber Centre, said: “We have received a significant number of reports in relation to this type of cyber crime in recent months which is reflective of what is going on nationally and internationally and I would encourage anyone who is a victim to contact police as soon as possible.”