Salon held to ransom by computer hackers

Imagine owning a small business – and during peak season, you have to shut your business due to a computer virus because your antivirus, firewall, and data backups failed.

A small hair and beauty business with two salons in New South Wales, Australia experienced just that. In the process, they lost thousands of dollars as their salons lay empty while they were trying to clean up the mess.

Reported in The Daily Telegraph’s Central Coast Gosford Express Advocate on the 26th October 2016, salon staff arrived at work on October 13th to find that their “computers were down”. Milk & Honey co-owner, Belinda Beresford, took a laptop to a computer shop that was nearby. The computer experts diagnosed the problem as a virus that they had accidentally downloaded. Another IT expert who examined the computer discovered that the culprit was a bogus AGL energy bill that was opened despite warnings broadcasted in the media about the scam circulating around.

Once the bogus bill was installed onto their computers, it unleashed the “crysys” virus that slowly corrupted Milk & Honey’s computer systems including their appointments diary. They did not realise that ransomware was slowly encrypting the files on their computer systems until everything had crashed.

In order to decrypt their computer systems, a ransom note from the hackers demanded $1,500 immediately or $2,000 the next day. Another email demanded that it would rise to $3,000 if it was not paid within the week.

Ms Beresford decided to take a stand against the hackers and refused to pay up, citing that she didn’t know if they would actually decrypt the file even if she paid up. However this decision has wreaked havoc on her business and they lost $2,000 on that fateful day because they didn’t know what was going on and didn’t want to open as they wanted to sort out the mess.

Since the ransomware attack, Milk & Honey have been forced to contact its entire client base of 2000+ people to rebuild their appointment diary. As two popular hair and beauty salons in Gosford and Erina, they have had appointments booked months in advance due to school formals and the Christmas and New Year season.

Despite having both antivirus software and having their data backed up hourly by an off-site data storage provider, they were not protected. Once the ransomware infiltrated their systems, the hourly backups were also corrupted.

Australian Police recommend that anyone who falls prey to a ransomware attack should report it immediately to the Australian Cybercrime Online Reporting Network (ACORN) at acorn.gov.au.

Detective Inspector Gordon Arbinja from the NSW Police Fraud & Cybercrime Squad said, “Do not pay the ransom, as there is no guarantee your files will be unlocked and you may be asked for more money. We also encourage businesses to try and decrypt their files by visiting websites such as www.nomoreransom.org.” This website is a website developed by Europol which helps to decrypt some ransomware viruses.

For those who want to avoid the pain and heartache of losing thousands of dollars and having to deal with the havoc that comes after a ransomware attack, BankVault can help you gain peace of mind. Our unique software program allows you to read your emails and even if you unwittingly download a bogus file that’s actually a virus, it will not infect your computer at all. To find out more about how BankVault can protect your computer systems, contact us today!

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email