Ransomware is a cyber attack in which malware is placed in the computer(s) of unsuspecting persons or businesses. The computer system is locked and unavailable to users until a certain amount of cash – sometimes demanded in Bitcoins or gift cards – is turned over to the hackers. The cash is the “ransom” that unlocks the system again. Instructions on paying are given as part of the ransomware demand.
Ransomware can affect smartphones, individual computers, and large organizational computer systems. It can also affect smart devices such as televisions.
Affecting Consumers, Businesses, and Governments
Ransomware is a growing concern that affects consumers, businesses, and governments.
Consumer ransomware attacks totaled $24 million from 2,500 separate cases in 2015 alone. The Federal Internet Crime Complaint Center (IC3), run by the FBI and several other U.S. agencies, have registered nearly 7,700 complaints since 2005. The complaints have lost a total of more than $57 million, including the direct ransoms and costs for replacing the hardware and files lost in the attacks. (Many people simply replace their computers rather than pay the ransom.)
Although no nationwide figures are kept on business, some high profile ransomware attacks have occurred. In early 2016, Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 to get back control of its computer systems after a ransomware attack.
Since mid-2015, 29 Federal agencies have been hit with ransomware attacks, ranging from attempts to actual attacks, according to the National Cybersecurity and Communications Integration Center (NCCIC). The NCCIC is run by the Department of Homeland Security (DHS).
There were also roughly 2,045 cases attacks either investigated or monitored by the Multi-State Information Sharing & Analysis Center (MS-ISAC).
The cases can be widely distributed. In a given state, for example, police may be hit at one point, and another agency later on, in separate ransomware attacks.
A number of ransomware victims are known to have paid. The California hospital paid. State and local governments, ranging from Massachusetts to South Carolina, have paid to get their computer systems and servers back. Business Insider notes that police departments are particularly vulnerable because their files are often not backed up.
The amounts of ransomware paid by state and local governments range from several hundred dollars to multiple thousands.
The Department of Justice indicates that no Federal government agency has paid ransomware.
The Best Defense Is Prevention
The Department of Justice and DHS indicate that most ransomware comes from sources offshore. Although they have had some significant victories in shutting ransomware hackers down, it is also very difficult to do without access to the encryption tools the ransomware attackers use.
As a result, both agencies focus on preventive efforts and educational outreach about prevention.
Like any other goods and services, files and systems rise in value if they cannot be replaced. Backup of files and servers would render ransom demands moot.
Some targets of ransomware, like smartphones and other smart devices, can be factory reset.
Ransomware is a large and growing problem. Awareness and prevention are keys to stopping it.