Cook on ransomware: ‘A purse snatching on an airplane’

CHICAGO—William Cook, partner at Reed Smith, said he generally advises companies not to pay ransom to get back access to computer systems—unless the hacker demands a BMW.
Keynote speaker Cook, former president of FBI computer crime unit program InfraGard, told several stories to illustrate the vast universe of cyber risk at Advisen’s Cyber Risk Insights Conference here on May 11.

One such story was of a client that was hacked with ransomware that encrypted all the company’s files. The hacker demanded a ransom: $100,000 and a BMW. Cook told the company to pay the hacker.

“When [the hacker] picked up the car, he got it from the German police,” said Cook, a founding member of the US Secret Service Chicago Electronic Crimes Task Force. The story proved each case is different, but Cook’s overall opinion of this type of hack seems based on hackers’ history of execution.

“It’s good technology, bad follow-through,” he said. “I liken it to a purse snatching on an airplane.”

Nevertheless, the threat of ransomware—which can include DDoS attacks as well as attacks in which all files are encrypted—is growing. Cook said the FBI knows of more than 2,450 such attacks that have happened in less than a year and the total can be multiplied three or four times since ransomware attacks are often not reported to the FBI, he added.

“Be ready for it,” Cook advised companies. “There are forensic companies that can help. Either that, or move to Israel.”