Ransomware is on a rampage.
The frequency of attacks nearly doubled during the first half of 2021 compared to the corresponding period last year, according to a recent report from Tel Aviv-based cybersecurity firm Check Point Software Technologies. And the dollar amount that criminals are extorting is also on the rise.
Ransomware is a type of computer virus, also called malicious software or malware, that locks your computer and sends out an alert demanding a payment for the return of your data. Cybercriminals typically target businesses and governments in hopes they'll pay big bounties to release files and restore critical systems. But ransomware attacks happen to regular computer users, too.
"When a consumer is a victim with ransomware, it means the cybercriminal has something they can demand payment for, such as your documents, including tax returns, or maybe important photos and videos [like home movies] that are now encrypted,” says Steve Grobman, chief technology officer of McAfee, a leading cybersecurity company.
To unlock your files, attackers demand that you pay them, usually in cryptocurrency such as Bitcoin, which is difficult to trace. Their demands could amount to several hundred dollars for individuals — and several million dollars for companies — with recent high-profile attacks on Colonial Pipeline Co. and JBS USA Holdings Inc., the world's largest meat processing company, as examples.
"You may see an email that says you need to pay if you want these files back. Or in other cases you're told your entire computer is locked and unless you pay, they'll make it essentially unusable,” Grobman says.
But it can get worse. Cybercriminals also may threaten to post your personal information, such as private emails, on the internet unless you pay, he says. “Fake ransomware,” a demand for payment without a criminal accessing your files, is also a problem. So what should you do?
If a ransomware attack strikes you
"Your first course of action should always be to contact your local authorities as soon as possible,” says chief technology officer Ryan Toohil of Aura, a digital security company based in Burlington, Massachusetts.
"Don't take any actions before a technology and/or law enforcement expert is involved, as it could make the situation worse,” Toohil says. “Technical experts will know what to do in a ransomware situation."