What is 'Ransomware'

Ransomware is a cyber-extortion tactic that uses malicious software to hold a user’s computer system hostage until a ransom is paid. Ransomware attackers usually demand ransom in Bitcoin currency due to the perceived anonymity of transacting with cryptocurrency. The malicious software locks a user’s computer for a limited time after which the ransom increases in price or the user’s data is destroyed. Ransomware is also known as Crypto-Ransomware.

BREAKING DOWN 'Ransomware'

Ransomware is a rapidly advancing criminal activity that affects businesses, financial institutions, government agencies, medical institutions and other organizations; it is the product of the advancement of digital technology. Although the advancement of digital technology has made a way for companies to enhance their relationships with consumers by offering more personalized services at personalized costs, technology isn't only used by legitimate users to improve their processes. Miscreants are also using emergent technology tools to improve their online attacks, either for fun or profit. Data breaches are done to steal personally identifiable information of individuals that will be sold through underground web channels for legal tender or cryptocurrencies. Cyberattacks like Denial of Service (DoS) may be carried out for fun or to make a statement. Some attackers deny a business access to its computer by demanding a certain amount of Bitcoin as payment in order to gain re-entry into the system. This latter unscrupulous means of getting a paycheck is done through Ransomware, which in a way is a form of a DoS attack.

Ransomware is a type of malicious software, or malware, that encrypts a computer’s system data with a key that only the attacker has. The malware is normally injected in an email attachment, software, or unsecured website. A user who tries to access any of these infected programs will trigger the ransomware which either locks the computer screen or encrypts the files in the system. A full-screen window pops up with information that states the user’s computer has been blocked, the amount in money or Bitcoins required to unlock the system, and a countdown timer which indicates the amount of time left before the data held hostage is destroyed or before the ransom is increased. Ransomware attackers usually demand payment to be wired through Western Union or paid through a specialized text message. Some attackers demand payment in the form of gift cards like an Amazon or iTunes Gift Card. Ransomware demands can be as low as a few hundred dollars to as much as $50,000. After payment is made, the hackers decrypt the files and release the system.

Ransomware attackers can infect many computers at once through the use of botnets. A botnet is a network of devices compromised by cybercriminals without the knowledge of the owners of the devices. The hackers infect the computers with malware that gives them control of the systems, and use these breached devices to send millions of compromised email attachments to other devices and systems. By kidnapping multiple systems and expecting the ransom to be paid, the perpetrators are banking on having a huge payday.

Examples of Ransomware

A company that has been held hostage by ransomware can have its proprietary information destroyed, operations disrupted, reputation harmed, and finances lost. In 2016, Hollywood Presbyterian Medical Center paid about $17,000 in Bitcoins to ransomware attackers who had taken the data of the hospital’s patients hostage. During the crisis, some patients had to be transferred to other hospitals for treatment and the medical records system was inaccessible for ten days, disrupting the daily operations of the hospital.

RELATED TERMS
  1. Denial Of Service Attack (DoS)

    A Denial Of Service Attack (DoS) is an intentional cyberattack ...
  2. 51% Attack

    51% attack refers to an attack on a blockchain by a group of ...
  3. Data Loss

    Data loss occurs when valuable and/or sensitive information on ...
  4. Supply Chain Attack

    A supply chain attack is a cyberattack that attempts to inflict ...
  5. Threat Modeling

    Threat modeling is evaluating what needs to be protected in the ...
  6. Intrusion Detection System (IDS)

    An Intrusion Detection System (IDS) is a computer program that ...
Related Articles
  1. Tech

    Why Cryptocurrency Mining is the New Ransomware

    Combatting unsolicited mining should be a priority for decentralized developers, even above functionality like interoperability and scaling.
  2. Investing

    Security Stocks Up After Global Ransomware Attacks

    Investors bet that companies and governments will spend more to secure their networks.
  3. Investing

    Microsoft Turns to AI to Fight Cyberattacks

    Microsoft is turning to artificial intelligence in the wake of the WannaCry ransomware attacks.
  4. Investing

    'Game of Thrones' Maker HBO Says Programming Stolen in Cyberattack

    Over half of all US corporations are estimated to have been hit with ransomware.
  5. Insights

    Top Cyber Security Risks for Financial Advisors

    Cyber crime is on the rise. Here's what advisory firms, big and small, need to be aware of and how to prepare.
  6. Investing

    WannaCry Hackers Threaten Another Microsoft Data Dump

    The hacking group behind the WannaCry attack are threatening another data dump.
  7. Investing

    Microsoft Blames Users, Spy Agencies As It Faces Rising Criticism

    Microsoft's president said a lack of patching on the part of users and the hoarding of vulnerabilities by spy agencies is the reason 'WannaCry" spread.
  8. Investing

    New Cyber Attack Exploits Microsoft Bug, Generates Digital Currency

    Another cyber attack relying on a Microsoft bug is spreading around the globe at the same time the hacking group Shadow Brokers is warning of more pain to come.
  9. Investing

    ‘Strong Links’ Tie North Korea to Ransomware Attacks: Symantec

    'Highly likely' that ransomware is linked Lazarus Group crime ring, say cybersecurity experts
  10. Tech

    What is Illicit Cryptomining?

    Illicit cryptomining is when malicious parties try to surreptitiously mine for cryptocurrency using others' computing power.
RELATED FAQS
  1. What impact have terrorist attacks had on the insurance industry?

    Learn about the impact of terrorist attacks on the insurance industry and how the 9/11 terrorist attack led to important ... Read Answer >>
  2. What Does the Bitcoin Blockchain Record?

    Read about the bitcoin blockchain, a public ledger shared among all bitcoin users that records the information of every single ... Read Answer >>
  3. What Are the Pros and Cons of Online Checking Accounts?

    Learn about the ways an online checking account can save you time and money, but understand the drawbacks before signing ... Read Answer >>
  4. Why do Bitcoins have value?

    Performing with transactional anonymity, Bitcoin has value as a private digital currency, investment tool and social networking ... Read Answer >>
Trading Center