Ransomware attacks draw headlines when they take down major operations: hospitals, cities and most recently, a US fuel pipeline. Not only do cybercriminals scam businesses demanding large sums of money or they'll wreak havoc on their computer systems, this week's gas shortages showed how it can also have broader impacts.
But ransomware against individuals — specifically, anyone who uses the internet — can also be very damaging. Hackers can lock computers and threaten to delete or expose sensitive information and photos in exchange for money.
The concept predates the widespread adoption of the internet. In the late 1980s, the inventor of ransomware attacked the attendees of the World Health Organization's international AIDS conference with infected floppy disks, asking for $189 to decrypt files on their computers. Nearly three decades later, the US Justice Department recently said 2020 was "the worst year to date for ransomware attacks." Security experts believe attacks against both corporations and individuals will only continue to grow because they're easy enough to execute and people are paying.
Here's what to do if you've fallen victim and how to protect yourself.
How it happens
Criminal organizations behind ransomware attacks don't care if the victim is an individual or a business — they just want to get paid. Ransomware is often obtained through social engineering — an act of someone stealing personal data by using information gleaned from their social media account — phishing emails or getting someone to click on a link on a website. It's especially prevalent on pornography and pirate websites that promise free viewing. Ransomware kits are also sold on the dark web, a part of the internet not detected by search engines where cybercriminals often sell and buy illicit materials.
Older computers running operating systems that are no longer supported by the manufacturer, such as Microsoft's Windows 7, and don't offer security updates are more susceptible, as well.
Once the ransomware has been clicked, a hacker can gain access to that computer and demand a ransom to relinquish control. Because the system locks as soon as it's infected, it's not possible to negotiate with the criminal. Many times, hackers will urge people to pay with cryptocurrency, such as bitcoin, which can be received anonymously and is harder to trace.
The biggest motivating factor behind these incidents is money, and sometimes a criminal will use fear tactics, such as threatening to publicly expose sensitive photos, to entice people to pay. "When criminals attack individual users, they often ask for small amounts of money, as they know most individuals can't or won't pay thousands of dollars to get their data back," said Randall Magiera, cybersecurity expert and professor of information technology at Tulane University.
What to do if you've fallen victim
The FBI's general guidance is that victims should not pay a ransom. "The FBI does not support paying a ransom in response to a ransomware attack," according to the FBI website. "Paying a ransom doesn't guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity."
If a hacker gets a credit card number and goes on a shopping spree, a bank can often reverse the charges, but the use of cryptocurrency makes funds nearly impossible to get back. Some common malware infections can be reversed with existing cybersecurity tools but many cannot.
"Ransomware groups evolve their tactics generally when they see that cybersecurity tools can counter them," said Michela Menting, research director at ABI Research. Some security researchers have tools to decrypt ransomware, but they're not always reliable because many ransomware versions exist.
People who are hit with ransomware should treat their computer as though it's...

See omnystudio.com/listener for privacy information.