Imagine cybercriminals holding your files for ransom.
It sounds like something out of a movie set in the distant future, but business owners and households are facing such a threat today.
Hackers are now using ransomware to hijack computers and hold files hostage in exchange for payment. Malware programs like CryptoWall, CryptoLocker and CoinVault spring into action when you unsuspectingly click on a link in an email, encrypting all of the data on your hard drive in seconds. A “ransom note” appears telling you that you need to pay $500 (or more) to access your files again. If you fail to pay soon, they will be destroyed.1
Worldwide, more than a million computer users have been threatened by ransomware – individuals, small business, even a county sheriff’s department in Tennessee. The initial version of CryptoLocker alone victimized 500,000 users, generating more than $3 million in payments along the way.2,3
The earliest ransomware demanded payments via prepaid debit cards, but hackers now prefer payment in bitcoin, even though few households or businesses have bitcoin wallets. (The emergence of bitcoin effectively aided the rise of ransomware; keeping the payment in virtual currency is a hacker’s dream.)2,3
If your files are held hostage, should you pay the ransom?
The Department of Homeland Security and most computer security analysts say no, because it may be pointless. By the time you get the note, your files may already be destroyed – that is, encrypted so deeply that you will never be able to read them again.
Some people do pay a ransom and get their data back. As for prosecuting the crooks, that is a tall order. Much of this malware is launched overseas using Tor, an anonymous online network. That makes it difficult to discern who the victim is as well as the attacker – if one of your workers thoughtlessly clicks on a ransomware link, you cannot find, scold or even help that employee any more than you could locate the hacker behind the extortion.3
How do you guard against a ransomware attack?
No one is absolutely immune from this, but there are some precautions you should take.
First, back up your data frequently – and make sure that the storage volumes are not connected to your computer(s). Cloud storage or a flash drive that always stays in one of your computer’s USB ports is inadequate. If you back up your files regularly enough, weathering a ransomware attack becomes easier.3
Keep your anti-virus software renewed and up to date. Those alerts you receive about the latest updates? Heed them.
Never click on a mysterious link or attachment. This is common knowledge, but bears repeating – because even after years of warnings, enough people still click on mysterious links and attachments to keep malware profitable.
Ransomware is a kind of cyberterrorism.
This is why the Department of Homeland Security issues warnings about it. When you deal with terrorists, playing hardball has its virtues. As Symantec Security Response director Kevin Haley told NBC News: “If none of us paid the ransom, these guys would go out of business.”2