ALBUQUERQUE (KRQE) – It counts on bad habits, it preys on panic, and it works.
Ransomware is on the rise. The malware hijacks computer content from average users and, as its name implies, demands a ransom from users to get it back.
The authors behind the malware aren’t after bank account data or passwords that unlock sensitive information. Instead, they program the ransomware to lock down seemingly benign content such as family photos and music libraries. Then, they set the hook.
Dr. Robert Luo, an associate professor at UNM’s Anderson School of Management, said computer users will often see the logo of a federal agency pop up on their screen, “ordering” them to pay money to unlock files. Or a countdown clock appears announcing that files have been encrypted. Accompanying the clock is a threat that files will be deleted until the ransom is paid.
The claim is almost always real. And since he began studying ransomware nearly a decade ago, Luo said the encryption used on locked data has become virtually impossible to crack. Computer users are left with two choices: pay the ransom or wipe their computer clean and start over.
Luo said the evil genius of ransomware is that it counts on human nature. Users “just get scared,” Luo said. “[They think] okay, I have to get my stuff back, get my computer unlocked, so I have to send the money back.”
The pull of panic is strong. Luo said the author of the CryptoLocker version of ransomware quickly raked in $3 million, a few hundred dollars at a time. Luo noted that paying the ransom doesn’t remove the malware, and it’s likely that crooks will strike again unless users clean the ransomware off their computers.
Nyika Allen of the New Mexico Tech Council explained that the draw of ransomware for cyber criminals is that it’s the kind of attack that can fly under the radar until it’s too late.
“When they attack a big corporation that has a lot of sensitive data, that’s probably a big success for them,” Allen said. “But then you also have to think about how difficult that is. Because those big companies probably spend a lot more time and energy cutting those people out, making sure they can’t get in, that there’s no holes in any of their software.”
Internet security giant McAfee estimates $2,000 spent developing or buying ransomware can easily haul in tens of thousands of dollars.
Allen and Luo said ransomware almost always finds its way into a computer through a mistake made by the user.
“Usually it’s something that you clicked on, whether it’s a bad website, it’s an email coming through to you, it’s just a popup on your screen,” Allen said.
Backing up data frequently and redundantly is the best defense. Users should dedicate an external hard drive for backups, plug it in, complete the data backup and then unplug the drive. Using a cloud-based backup system can also provide clean, isolated copies of data in case a computer gets infected.
But Luo warned that ransomware authors are already looking at the next generation of their malware.
“It’s possible that those authors would target smartphone users or cloud-based servers, which would be a nightmare in the future,” he said. The prevalence of smartphones could turn ransomware into a billion-dollar scheme that has the potential to double-infect both the device and the cloud to which many smartphones are backed up on a daily basis.