Ransomware – the Dark Side of Encryption

encoded lock graphic

Cyber thieves have a new “go-to” racket: ransomware. Both people and organizations have been increasingly under attack. Ransomware, so called because criminals demand a ransom from their victims, is a form of malware that encrypts files on the targeted computer that only the criminal can unlock. Payment is usually sent using cryptocurrencies like Bitcoin.

Ransomware’s explosive growth comes largely from the relative ease in deploying the malware, and the predictability in getting a ransom from desperate users. Libraries, hospitals, and even police stations have been targeted. Most recently, the Pennsylvania Senate Democrats came under attack.

As ransomware has proliferated, some criminals are getting more sophisticated in their operations, even offering helpdesk services to victims, or decrypting your files if you share a link with friends so that they are infected by the ransom malware, effectively serving as a chain letter that really will cause you harm. According to the popular blog Krebs on Security, there is even now a “ransomware-as-a-service” tool available for purchase, complete with ad campaign, customizable options, multi-language support, and “lifetime upgrades”.

If you get infected by ransomware, what should you do? Well, it depends on who you ask. The FBI has said at various times that victims should refuse to pay the ransom, or should go ahead and pay the ransom. Either way, it’s best to contact law enforcement to assess the situation. Businesses often don’t have the luxury of not paying the ransom, since each day that passes without the use of their computer systems can cost thousands of dollars.

While encryption supports the secure operations of the internet and modern digital life, ransomware remains its dark underbelly, and shows no sign of stopping.