Data Ransom Scheme a Surprising Play for Hackers | eWeek

Data Ransom Scheme a Surprising Play for Hackers

Written By
Brian Prince
Brian Prince
May 5, 2009
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

The PC Cyborg Trojan appeared on the scene back in 1989, encrypting files on the C drives of infected users. It then prompted them to contact the PC Cyborg Corporation and pay a fee to have their files decrypted, marking what is considered to be the first piece of ransomware in the wild.

Roughly 20 years later, a hacker has attempted a similar scam, this time breaking into the Virginia Prescription Monitoring Program’s Website and demanding payment in exchange for access to data on more than 8 million patients. According to Wikileaks, the attacker or attackers put a message on the Website April 30 stating that the database of prescriptions had been placed in an encrypted, password-protected file. To get it back, the state must cough up $10 million, according to the demand.

But at a time when botnets are quietly stealing mountains of financial and corporate data and slinking off into the cyber-crime underworld, data being kidnapped and held for ransom is not among the top threats enterprises should be worried about, security pros say. Truth be told, the biggest threats are the ones that attempt to leave no trace for victims to pick up on.

“Ransom hacking definitely occurs somewhat regularly, but I’d consider it far lower on the risk ledger than most kinds of cyber-crime,” said Rich Mogull, an analyst with Securosis. “It’s far higher risk to the bad guys than quietly stealing data and selling it on the black market.”

Mogull added, “I don’t think this was ever a hugely popular form of attack, but it’s one that draws a lot of attention the few times it happens.”

More common are incidents of researchers attempting to blackmail companies or vendors when they find a vulnerability in software, but even those schemes have declined in popularity, Mogull said.

Certainly, there is no shortage of people looking to exploit vulnerabilities to either steal data or rope users into scams to buy rogue anti-virus software, and the profitability of those activities may make a high-profile extortion or blackmail attempt less attractive to black hat hackers. Or, as McAfee’s Dave Marcus suspects, the deterrent may just be the threat posed by additional interaction with the victim.

Ransom schemes “were never hugely common-meaning they probably never took off,” said Marcus, director of security research and communications at McAfee Avert Labs. “It might be reasonable to assume that it was always easier to steal and sell data. By communicating with the victim, it seems to create much more of a chance of being caught.”

While there was a conviction in the case of the PC Cyborg Trojan, tracking cyber-criminals remains a notoriously difficult proposition for law enforcement. However, according to a report by CBS News, the FBI is investigating the case in Virginia.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.