Ransomware is one of the most nefarious and intrusive methods of cybercrime to have ever existed.
It is simple in its execution, highly successful and preys on the most basic fears of its victims. For the uninitiated, ransomware is when a cybercriminal gains access to their victim’s system, encrypts a file, folder or drive, and then presents the victim with a simple choice: pay a hefty ransom or lose the data forever.
For those looking to combat ransomware, the battle is frustratingly being fought uphill. The number of ransomware attacks recorded are at an all-time high (and that doesn’t even count the incidents that have not been reported). Law enforcement agencies all over the world are working hard to find, arrest and try ransomware fraudsters but by the time they chase one down and put them behind bars twenty more have fraudsters have sprung up.
The sharp incline in cases and hackers can only be attributed to the ridiculously high success rate of ransomware attacks. Sadly, the reasons for success are as numerous as they are understandable. Corporations targeted by ransomware attacks essentially face a lose-lose situation. On one hand the company can approach the authorities file a report and have law enforcement investigate the matter. Undoubtedly such an endeavor will eventually land them in the headlines of news outlets everywhere. Their reputation will be put in peril and they will be left helpless as the trust they have forged with clients and investors evaporate. The other route, would be to quietly cave in to the demands of the hacker. This way nothing gets out to the press, but then they not only have to hope that the cybercriminal keeps their word and releases the data, but would also have to pray to every known deity that this cybercriminal does not target them again.
Individuals are also targeted in much the same fashion as corporations, except these individuals may not have the tech savvy to mount even a hope of a defense. Often, these individuals pay the ransom because it is not the reputation of a faceless corporation at stake, but their own names. Sadly, there is little that can be done to combat a ransomware that has already taken hold. It is, for lack of a better word, a time bomb that is ready to detonate and a hole in your life should you refuse to pay the ransom. The hackers know this and that is why they usually set the ransom low enough to ensure that compliance is not totally out of the question, but high enough to capture the attention of the user.
While one can argue that crafty hacking and coding made ransomware possible, it is the method and the fact that it exploits the knee jerk reactions of human nature that has led to the wild success of ransomware attacks. Interestingly, enough there is an easy route to ensure that you are never caught in the sticky web of a ransomware attacker: duplicate or backup your data. Unfortunately, it is a route not often taken by both corporations and individuals alike.