Ernest Hekkanen couldn’t believe his eyes.
The Nelson writer and publisher was working away at his computer in late April when “hundreds of webpages started flashing across the screen at lightning speed and then a message in black on white background came up indicating to me that my computer had been taken over. It said I would not have my files returned to me unless I paid a ransom. And it said the longer I took to respond the greater amount of money I would have to pay.”
Hekkanen was a victim of cryptolocker, a new form of ‘ransomware’ that commandeers your computer and encrypts your files. In effect, it takes your computer hostage.
In a similar, high-profile case, the University of Calgary recently paid $20,000 to get its files released. The university administration reportedly agreed to pay because the ransom demanded was relatively small compared to the value of the research material in the files that were encrypted. The University of Calgary received the decryption keys from the hackers but to date has not needed to use them, according to university staff.
Hekkanen says the hackers did not specify how much money they wanted from him.
“I was supposed to get in contact with them through a link in the screen. Everything else other than my email was shut down. I could not believe it at first and I read it over several times. I found it difficult to make sense of it because the grammar was not terribly good. It was difficult to ascertain what I was being told.”
Kathy Macdonald, a cybercrime expert and retired police officer in Calgary, told the Star that this relatively new kind of hack “has increased exponentially over the past five years. Often it is targeted at health care because of the sensitivity of the data but sometimes it hits small businesses and individuals. It is a tough decision whether or not to pay. You can’t fault these organizations that decide to pay: everybody is in a different situation and it depends on the importance of the data.”
Hekkanen didn’t pay.
“I was determined not to communicate with them because that might strengthen any ties they might have to my email address.”
He tried the antivirus techniques he knew, then took it to a local computer store.
“They called me back and told me all they could do was drill holes through the hard drive and pack it up for scrap.”
Hekkanen is the author of many novels and the publisher of the New Orphic Review, a literary magazine that receives about a hundred submissions a year from around the world. His own volumes of fiction and nonfiction include the 2015 memoir, False Memories. His home gallery (Hekkanen is also a painter) is listed as Nelson’s sole Literary Landmark by the book review newspaper, B.C. BookWorld.
Hekkanen publishes his own books, so perhaps the attackers thought he was a big publishing house.
“I have no idea of what profile they had on me. If they had a correct picture of my publishing house they would have known that it works on a shoestring budget and that it does not make any money, really.”
Hekkanen went out and bought a new computer, having lost the files of several unfinished books, of which he fortunately has paper copies. He had also backed up much of his work. But the incident has hastened a decision he made earlier this year to shut down the publication of the New Orphic Review in 2017.
The only way to protect yourself from cryptolocker, Macdonald said, is to back up your computer files every day, or better yet, in real time. And be suspicious of your email.
“Email is dangerous because most people use it, but in general, such as on social media and on the web, be suspicious of links. Be careful what you click on. Keep your anti-virus and anti-malware up to date.”
She said neither the police nor your computer repairer is likely to be able to help you. Rob Vermeulen of the RCMP said ransomware messages should be reported to the Canadian Anti-Fraud centre at 1-888-495-8501.
To support Hekkanen’s purchase of a new computer, the Elephant Mountain Literary Festival and Oxygen Art Centre are co-sponsoring a literary reading on August 26. Hekkanen will read from his work, along with local writers Linda Crosfield and Ross Klatte. Admission is by donation.
The evening will also include information on ransomware and how people can protect themselves from this new form of cyberattack.
The event will be held at 7:30 p.m. in Room 310 of Selkirk College’s Kootenay Studio Arts building at 606 Victoria St.