Imagine opening your laptop one morning and discovering all your documents and photos are encrypted — but not by you. A message on the screen in broken English demands a ransom to unlock your files. It's a horrifying scenario that is far too real for many people.
In the past few years, ransomware attacks have increased with the growth in the use of digital storage over physical record keeping for critical documents and treasured photos. Take a look at the history of ransomware, how it impacted users in the past year, and what you can expect in the future.
Ransomware is a type of malware designed to hijack computers so hackers can force victims to pay a ransom to regain access. It can infect your computer when you download an innocent-looking email attachment or visit a website that surreptitiously executes malicious code that ultimately encrypts critical files or denies access to the computer. The two main forms of this malware are currently widespread:
The first modern ransomware emerged in 2005 in the form of Gpcode, but it’s only in the last few years that the problem has reached epidemic proportions. In 2016, 60 percent of the security professionals surveyed by Ponemon Institute said they saw an increase in ransomware infections, and the companies they work for averaged 26 ransomware attempts each week . A Google study found that over the last two years, ransom malware attackers received $25 million in ransoms .
In 2017, several new ransomware infections spread across the world.
Victims often wonder if they're better off paying the ransom to ensure data is returned. In the past, law enforcement agencies have supported this: at the 2015 Cyber Security Summit, Assistant Special Agent Joseph Bonavolonta of the FBI advised companies infected with malware to pay ransoms. According to Kaspersky Lab, however, that's a bad idea. First, there's no guarantee cybercriminals will keep their word and decrypt your data. Second, the more money they earn, the more likely they are to try again. Finally, both security firms and law enforcement organizations are working hard to find and post valid decryption keys. It's definitely important to check the web for possible solutions before shelling out cash.
This year certainly won't be the last for ransomware, so what does the future hold for digital extortion? Smart home devices and internet-connected vehicles are tempting new targets. A ransomware attack could lock people out of homes with smart locks, turn the heat up with smart thermostats, and threaten to crash a connected car. Ransomware could also target network-connected pacemakers, implants, and health monitors. The Internet of Things (IoT) offers a host of possibilities and is short on security standards.
Ransom malware is here to stay. Its targets may change, but the method is tried and true. If you're infected, try not to panic. Look for help online, don't pay up, and consider the use of real-time security protection to help detect and quarantine ransom threats before they lock you out.