But ransomware against individuals — specifically, anyone who uses the internet — can also be very damaging. Hackers can lock computers and threaten to delete or expose sensitive information and photos in exchange for money.
Here’s what to do if you’ve fallen victim and how to protect yourself.
Older computers running operating systems that are no longer supported by the manufacturer, such as Microsoft’s Windows 7, and don’t offer security updates are more susceptible, as well.
Once the ransomware has been clicked, a hacker can gain access to that computer and demand a ransom to relinquish control. Because the system locks as soon as it’s infected, it’s not possible to negotiate with the criminal. Many times, hackers will urge people to pay with cryptocurrency, such as bitcoin, which can be received anonymously and is harder to trace.
The biggest motivating factor behind these incidents is money, and sometimes a criminal will use fear tactics, such as threatening to publicly expose sensitive photos, to entice people to pay. “When criminals attack individual users, they often ask for small amounts of money, as they know most individuals can’t or won’t pay thousands of dollars to get their data back,” said Randall Magiera, cybersecurity expert and professor of information technology at Tulane University.
What to do if you’ve fallen victim
If a hacker gets a credit card number and goes on a shopping spree, a bank can often reverse the charges, but the use of cryptocurrency makes funds nearly impossible to get back. Some common malware infections can be reversed with existing cybersecurity tools but many cannot.
“Ransomware groups evolve their tactics generally when they see that cybersecurity tools can counter them,” said Michela Menting, research director at ABI Research. Some security researchers have tools to decrypt ransomware, but they’re not always reliable because many ransomware versions exist.
People who are hit with ransomware should treat their computer as though it’s compromised even after it’s been unlocked. “This is because you do not know what changes the ransomware made to the system when it was infected,” Magiera said.
He suggested erasing the computer’s hard drive and reinstalling the entire operating system rather than selecting the option that restores files.
Even though it’s hard to track down the criminals and prosecute them, anyone targeted should report the crime to police officials, according to Menting. “The greater the number of incidents reported, the more visibility this provides to law enforcement, which eventually leads to bigger budget allocation for fighting it,” she said.
People can do a few things to protect themselves from ransomware, starting with being mindful about what they’re clicking on in email and on websites. Individuals should also consider backing up important files, so even if they fall victim to ransomware their files wouldn’t be lost.
People can also invest in an antivirus program to monitor for and filter out malicious software.
“Cybersecurity solutions can help to weed out some of the more generic and common attacks, but individuals need to be prepared in case some are not caught by the filters,” Menting said. “No security solution is 100% effective. A combination of tools and techniques will provide the best safeguards.”