Business and personal computers are always at risk for a number of viruses, worms and general malware infections but ransomware can be a major problem. Ransomware is a name that’s true to its purpose. It is a specific type of malware that kidnaps a computer’s browser, locking it until a “ransom” is paid to the data thieves. Files are encrypted and could be unrecoverable after a certain amount of time. Data thieves hold the computer files for “ransom” and use a number of tactics to entice owners to pay the fee.
What Does Ransomware Do?
There are different kinds of ransomware, says Microsoft, but all of them can prevent a computer’s ability to access information – including those of businesses, governments or healthcare provider networks. This malware can affect home desktop computers, laptops and mobile devices as well. For Microsoft products, ransomware prevents access to Windows and encrypts files to render them useless. It also keeps certain applications, such as web browsers, from opening or operating.
Criminals use tactics that are tantamount to psychological bullying in order to get payment for releasing computer data infected with ransomware, says Microsoft Security Director Tim Rains.
These tactics could include:
- Threatening to post sensitive material to public media
- Claiming to be law enforcement (who will prosecute)
- Destroying data
- Increasing ransom demand
- Introducing more malware
And, says the software company, there is no guarantee that paying the ransom will convince data thieves to remove the virus and allow the owner to access his information. Thus, it is important that computer, IT professionals and security teams consider ransomware to be a serious threat to business (and personal) cyber operations.
Ransomware’s Impact on Business
Although the exact amount of money that ransomware victims have paid to their kidnappers is unknown (not many people admit or report the thefts), recorded statistics show that the amount is climbing. Attackers typically do not disclose their financial demands, making transactions and payments difficult to trace. But in any case, statistics from the last several year show thousands of complaints and a loss of just under $50 million, according to experts at the cybersecurity firm Symantec. However, those figures are only from incidents reported to law enforcement; the FBI thinks the amount is actually much higher.
The Impact: What happens if…
Organizations and businesses whose computers and servers are infected with malware of any kind, including ransomware, can be rendered inoperable, according to information in a report from Symantec. Businesses severely infected with computer malware may have to shut down completely, which could result in severe financial losses during the downtime. This can also cause the company’s reputation to take a hit.
Speaking of financial costs, companies will incur more than merely paying a ransom to release information. Legal bills, Information Technology specialists, possible fines and penalties can run up the bill. Medical centers and hospitals are required to keep patient information confidential, as per the Health Insurance Portability and Accountability Act (HIPAA). These organizations face hefty fines for noncompliance.
Beyond financial repercussions, community organizations such as hospitals and utility companies can be severely impacted by ransomware. Data thieves can hijack computers to cut off electricity, water or heat, leading to death and injury.
Data loss can be insurmountable and because of that, a company’s reputation and brand are at risk. When a business loses customer information and its own company records, it would essentially cease to operate. And worse, the data thieves can demand more money by publishing or threatening to publish sensitive information.
Encrypted or stolen files can impact or destroy a business, especially smaller enterprises. But larger corporations are also at a serious risk, says Intermedia. The cybersecurity company states nearly 60% of businesses whose computer systems are or were infected with ransomware (and reported the crime) have more than 100 employees; 25% have more than 1,000.
A Real Example
The Hollywood Presbyterian Medical Center (HPMC) found its vast computer system infested with ransomware. In February 2016, the medical facility admitted that it paid $17,000 in ransom to retrieve its information; a small price to pay, say officials. However, that amount may be considered “a drop in the bucket.” Not only is the medical center’s reputation at stake, but patients’ personal identification and medical histories, which are protected under HIPAA, have been exposed to thieves.
Advice for Home Computer Users
Because ransomware can attach itself to personal computers from any source of malware, be cautious when:
- Opening emails from people you don’t know. Avoid clicking on attachments and embedded links. If you want to check out a link, copy and paste it to a new browser window.
- Clicking on unknown or suspicious websites. Fakes are everywhere! Watch out for links on social media accounts such as Twitter and Facebook.
- Looking at websites and email messages. Poor, improper spelling and bad (English) grammar are good indicators of fake websites and email messages.
Reports of ransomware are now more public – about 50% came from the United States with the others in Australia, Taiwan, France, Brazil, Spain, Canada, Turkey, Italy and the United Kingdom (December 2015 through May 2016). The viral programs most used during this time are called Tescrypt, Crowti, Brolo, FakeBsod and Reveton.