Ransomware, as the name suggests, is a computer malware that prevents users from accessing their computer systems unless they pay a ransom to the cybercriminals. Unlike other viruses where users have to spend money to remove adware and other malware installed in the system, ransomware requires the user to literally buy back their access to their own computers. It is the cyber version of blackmail where criminals force individuals to pay a ransom to recover their loved ones or precious belongings.
According to TrendMicro, the earliest ransomware cases, which originated in Russia in 2005-06, created password-protected zip files of documents, spreadsheets, programs, and DLL files. The user was required to pay a ransom to obtain the password and regain control over his or her system.
By 2012, ransomware attacks had spread into Europe, Canada, and the USA. The attacks became more sophisticated as cybercriminals began using a wide range of websites to infect computers, and pretended to be law-enforcement agencies to scare affected users from going public about the attack.
In 2013, a new variant emerged that, apart from blocking access, encrypted the files of the system. This meant that users could no longer recover access by simply deleting the malware. The user would still have to pay ransom to decrypt the files. These variants are called CryptoLocker, a reference to the fact that the system’s files are locked due to crypto-encryption.
Unlike conventional virus and malware attacks, ransomware makes it impossible for the user to access his or her files until the problem is solved. For a business, the prospect of databases built over decades becoming inaccessible can affect the very existence of the business. Basic tasks like meeting deadlines, responding to mails, or updating internal spreadsheets will become impossible.
Apart from impact on productivity, ransomware attacks can affect the firm’s or individual’s finances as well. Ransomware: A Growing Menace, a report by Norton security experts, analyzed a specific attack covering 68,000 computers in a month with ransom demands ranging from $60 to $200. Experts found that payout resulted in a loss of $33,600 for 168 users. With less than 3% of victims paying the ransom, the criminals could have made close to $400,000 in a single month. This analysis clearly reveals that ransomware attacks pose a very real threat to the finances and functioning of any individual or business depending on IT products and services as a part of their routine activities and operations.
The Europol's 2014 Internet Organized Crime Threat Assessment has warned about ransomware attacks on medical devices like pacemakers, medical information systems in hospitals and devices, as well as attacks on Internet of Things.
With Internet connectivity becoming an integral part of our lives, a hacker situated thousands of miles away can hold all aspects of our lives at ransom through sophisticated ransomware attacks.
The best way to escape ransomware attacks is to focus on preventive action. The following steps can help individuals and businesses avoid becoming victims of a ransomware attack.
Finally, one can minimize negative impact of a successful ransomware attack by having network-independent backups to minimize risk of loss of access to the files.
Further, one can use recovery tools offered by reputed online security brands to recover control of infected systems.