Over the past few months, Collision Advice’s Mike Anderson has been contacted by over a dozen shops regarding a computer ransom scheme where body shops’ computers and IT systems are hijacked and held for ransom.
Unable to access their programs and documents, victims are then contacted by the hackers with instructions on how to pay the ransom, usually in bitcoin.
Ryan Cropper, owner of Able Body Shops in Anchorage, AK, stopped in his shop on the Saturday before going on vacation in November 2018. He recalls, “All of the icons looked like Christmas presents and clicking on them opened a message with an email address to contact to unlock them. I contacted IT, and they confirmed my computer was hacked and I’d have to pay a ransom to release it.”
Fortunately, the hacker couldn’t access password-protected files. However, unable to find an alternate solution, Cropper paid $4,000 in bitcoin after IT verified the hacker’s record of releasing victims’ computers once the ransom was paid. Cropper was locked out of his computer system for four days. He shares, “It was a nightmare; I was losing my mind.”
“The amount they demand depends on what they find,” Cropper continued. “The hacker was unwilling to negotiate whatsoever. Our hacker came from Russia; we verified that through the IP address.”
After his documents were released, Cropper’s next step was figuring out how he got hacked. He learned that there was an open port on his computer that allowed him to access it from his laptop while traveling. “The hacker found the open port and did damage to benefit himself,” Cropper explained. “It didn’t ruin us, but it could have. Our firewalls didn’t stop it. Now, I have a two-part authentication for remotely accessing my system and that’s key to ensuring we aren’t hacked again.”
According to Anderson, “This has happened to a lot of folks. People have open ports and then receive a spam email; once they open it, hackers have access to your computer and lock it down until the ransom is paid. One shop owner heard me speak about this topic and protected himself so he could avoid paying the ransom when he was attacked, but several shops have been forced to pay.