It’s a nightmare scenario: You’re doing work, answering emails or browsing the web when, suddenly, your computer or mobile device stops working. A taunting message takes over your screen, informing you that some faceless internet villain has seized control of the machine and all of your data. To get it back, the message claims, you’ll have to fork over a payment.
Ransomware is a particularly devious type of malicious software, or malware. You can inadvertently download ransomware onto your computer or device by clicking on an online ad or email link, opening an attachment or, in some cases, simply going to a website where it has been planted (a form of attack called a drive-by download).
Once the program installs itself, it will lock up your computer and communicate the demand for payment, usually in a cryptocurrency such as Bitcoin, Ethereum or Ripple (although ransomware crooks have been known to demand gift cards). More vicious strains of malware will encrypt the files and folders on your machine, external drives you have plugged into it, and other computers on your home or office network.
That last threat — hackers’ ability to infect large computer networks after gaining a single point of entry — has made ransomware increasingly lucrative for international criminal gangs that target government agencies, health care systems and large corporations, including Colonial Pipeline, the gas carrier that was infamously shut down by cybercrooks for several days in May 2021.
The FBI's Internet Crime Complaint Center received 3,474 reports of ransomware attacks in 2021, up 50 percent from the year before. Reported losses jumped from $29.2 million to $49.2 million.
And while attacks on big fish like Colonial Pipeline grab the headlines, small and medium-sized businesses are also in the line of fire. Nearly 44 percent of ransomware attacks in the fourth quarter of 2021 targeted companies with 100 or fewer employees, according to cybersecurity firm Coveware, which helps businesses deal with extortion threats.
Whatever the target, the price can be steep. Coveware’s tracking puts the median ransom payment at more than $117,000. The true cost of recovering from ransomware can be much higher, as the FBI notes, including lost staff time, computer equipment and files, and the expense of hiring tech help to restore machines and networks.