My guess is the head of the Justice Department has no idea what various departments of the US government can do.
Why are you saying that I am not interested in factual answers? 
“AES-256 is an algorithm. It can be broken. If you look at the history of cryptography, every algorithm gets broken eventually. That’s why we make new algorithms. The question is how long it takes to figure out the math to break it.”
Source: What are the chances that AES-256 encryption is cracked? - Cryptography Stack Exchange
The real problem wasn’t a lack of cybersecurity. The real problem was a lack of backups.
OK, so when we say “eventually” in this context, we really are talking long term, like decades. This is irrelevant to the question of whether a current, strong encryption can be broken now by anybody.
You ask a question and argue against the answers. That’s not asking for a factual answer, that’s starting a debate, or at least trading opinions. Which is cool but not what GQ is for.
Backups ARE part of cybersecurity.
That’s a random quote from a random guy on the internet. Not a rock solid source.
Especially since the other random guys on the same page keep making the same arguments that are being made here. E.g.:
Maverock, what answer are you looking for? Almost everyone in this thread is saying some version of the following:
- “breaking” the encryption, while perhaps mathematically possible, is infeasible even with massive computing power;
- paying the ransom is the least painful way for the city to get back to doing its job;
- the NSA doesn’t get involved in issues like this.
I’m a university professor of cybersecurity. I think manson1972 is in the field as well, and we’re saying about the same thing. I mean, I know I’m just a rando on the internet, but I think I’ve established my knowledge in the field on this board.
To add a little more context, as computers get more powerful, the threshold for computational feasibility gets lower. Some day, AES 256 will no longer be sufficient to withstand brute force cryptanalysis. However, that day is not here yet. Properly implemented AES256 with a long key is still effectively unbreakable and will remain so until we’re all doing quantum computing.
OK. Thank you, everybody, for the answers. At first, I just could not make sense of the answers that I was getting. Now, everything is clear. I thought any encryption could be crack-able and NSA was capable of cracking it. I was wrong.
It’s incorrect that every algorithm has been broken. We move away from old algorithms to new ones out of an abundance of caution, not because there’s been a convincing attack on them. About the only best in class algorithm that’s been convincingly broken is DES, but more due to the inadequate key size than any deep flaw in the encryption. It’s not clear if a 256 bit modified version of DES could be broken, we haven’t tried because there are better algorithms that replaced DES.
If you consider hashes as well, MD5 is also considered broken while SHA1 is also probably broken. For everything else, there exists a few theoretical attacks that might decrease the order of magnitude by which a brute force attack can happen but nothing where you can produce a piece of software where encrypted text goes in one end and unencrypted text comes out the other in less than the lifespan of the universe.
Besides, there’s one encryption system that we are theoretically assured never to be broken which is a properly implemented one time pad system. No amount of algorithmic cleverness or computational power will ever decrypt anything that has been encrypted properly with a one time pad.
Yeah, restoring from backups is a pain.
Restoring without backups, however…
Even if it was a simpler, obsolete scheme, and it would only take a few decades, it’s still probably cheaper and easier to pay the ransom.
Just make sure your secretary doesn’t decide to fix it because it doesn’t look random enough.
Don’t discount the power of Rubber Hose Cryptanalysis, though!
Obligatory XKCD: xkcd: Security
The key length of AES-256 is limited to about 256 bits 
As far as particular algorithms being intrinsically “broken” or not, there is a distinction to be made between theoretically decrypting text via brute force, and finding genuine flaws that lower the complexity of finding the key, possibly enough to make an attack practical. E.g. people have been able to shave off a couple of bits in the case of AES, but nothing like a practical attack is yet possible that way. An algorithm may also be unquestionably “broken” in other ways, even without the key being recoverable; for example, if it were possible to recover some information about the plaintext.
When was XOR with a one-time pad broken?
While a well implemented OTP is as close to perfectly secure as is possible, for the purposes of this thread and talking about the hostile encrypting of other people’s files, it would not be a practical method of attack, as the one time pad would have to be at least as big as the data being ransomed, and that would be a bit harder to distribute with to unsuspecting users.
My guess is that you aren’t familiar with the FBI’s deep links to the intelligence community.
“NSA - The only part of government that actually listens.”
My mother-in-law was NOT happy when I pointed out to her that all her paranoid cybersecurity measures, up to and including deliberately turning the computer off when not in use were kind of pointless, because anyone who would actually deliberately target her would just go and break the glass beside the front door, let themselves in, turn the computer on, and go to town. Or break one of the 8 foot tall windows in the computer room and get in that way.
I was trying to point out that the real safety lies in obscurity; if they know who you are, and know they want to steal something, there are much easier ways to get it than cracking even basic router firewalls.
My guess is that you are unfamiliar with the fact that the current head of the Justice Department is a moron.
This reminds me of one of the numerous dumb things in “Live Free or Die Hard”. The main bad guy sends his henchmen to kill a few computer hackers. Instead of just waiting in their apartment and shooting them, they wire up explosives to their computers, and when they turn them on, they explode. Then, they have the nerve to call this a “cyber attack”. God that movie is stupid.