Virus victim: I had no choice, I had to pay the ransom

WASHINGTON – Lawyer Mari Jo Clark was keen to the adage, “You don’t negotiate with terrorists.”

But that was before she realized decades of documents in her law firm’s computer system were locked down and would be destroyed if she didn’t pay a $300 ransom.

Clark, whose office is in Phoenix, says she received a call from her office manager relaying that “nobody could open a PDF document, then nobody could open a Word document and then nobody could access any of the documents attached to any of our files.”

Clark called her regular IT expert, believing a recent system update might have caused a glitch.

“I instantly could hear a little panic in his voice, and his breathing got a little heavier, ” says Clark. “He immediately said, ‘I think you have this CryptoLocker virus.'”

After consulting with Ken Colburn, founder of Data Doctors Computer Services, Clark realized she was infected by the virus Colburn calls “one of the most vicious things I’ve seen.

Clark searched through her office computers and found the infected one.

“It had wallpaper, and on it was a Doomsday Clock, and in very bold print it basically said, ‘You have three days to pay us $300,'” Clark recalls.

At first, Clark didn’t take the threat seriously and didn’t intend to pay the ransom.

Yet, after consulting with her computer experts and researching the malware, she realized her options were limited.

“No one has figured a way to safely decrypt these documents, and you basically have to pay this ransom or lose your data,” says Clark.

Despite the old warning against negotiating with terrorists, Clark relented.

“I’ve got a business to run. I’ve got clients to think about, so I had no choice, I had to pay it,” says Clark.

After making the payment through the impossible-to-track, anonymous Bitcoin system, Clark’s documents began to be unlocked.

“It’s almost like customer service is congratulating you, with, ‘Here’s your product you paid for,'” says Clark.

“It instantly started decrypting it. Since I have such a high volume of data, it took three days to finish. But now we’re back to normal.”

Clark says her security system is updated, but she doesn’t doubt hackers will try again.

“We’re being diligent and making sure we try to be aware of the next virus that tries to get into our system,” says Clark.

Follow @WTOP and @WTOPtech on Twitter.

Federal News Network Logo
Log in to your WTOP account for notifications and alerts customized for you.

Sign up