Ransomware is one of the fastest-growing types of malware today. While there are many different examples, they all work in a similar way. Once a system is infected, it is essentially locked down for normal use, and a message tells the user to visit a site or call a number to make a payment to get the system unlocked. Depending on the malware involved, the ransom demanded is typically between a couple hundred dollars and a couple thousand.
Joseph Bonavolonta, the Assistant Special Agent in the FBI's Cyber and Counterintelligence Program, spoke about this issue last week at the 2015 Cyber Security Summit. In his talk, he said that they often advise people to just pay the ransom because at this point there is no known way to unlock a system.
In addition, the hackers that are infecting systems with ransomware are surprisingly honest in their promise to unlock infected computers after the payment is made. From April 2014 to June 2015 the Cryptowall version of ransomware generated about $18 million in revenue for hackers. Hackers obviously believe that as long as they continue to unlock infected computers, the money will keep flowing in. And if Bonavolonta is right, the hackers might be correct in this assessment.
What makes this type of issue particularly difficult to address is that the hackers aren't looking for anything long term from any given system. They encrypt the files on a system and make the demand. If the ransom is not paid within a set amount of time, the files will remain encrypted forever, effectively making them useless to the user.
Other than paying the ransom, the only way to get your files back is to restore them from an uninfected backup location. Sadly, many people don't properly (or regularly) back up their files, so their only options are to pay the money or lose their files.
This type of ransomware can infect personal computers or servers, and the hackers appear to go after private systems, business systems and even government systems equally.
The fact that the FBI clearly has no way to address this issue is just one more reminder that everyone should be performing very frequent backups to help protect their data. This especially applies to marketers who make a living with the data on their computers.