Ransomware: Could your data be kidnapped?

Icon of a computer browser with a lock around it
« Return to Learn

What would you do if someone broke into your living room, held your computer at gunpoint and threatened to destroy it if you didn’t cough up $700 in ransom? Would you pay it?

That’s almost exactly what happened to millions of people last year. Except the intruder was a computer virus that locked up all their files and demanded payment in digital currency such as Bitcoins—or else.

Known as ransomware, the virus is one of the many types of malware hackers have devised to make money off web users. And it’s on the rise. The types of ransomware in existence quadrupled last year, prompting the media to declare 2016 the “Year of Ransomware,” and cyber security experts predict the attacks will grow another 25 percent this year.

It’s not just your computer at risk, either. As we become more dependent on smartphones and other Wi-Fi enable devices, these are increasingly being held hostage, too.

To pay or not to pay?

Unlike other viruses, which are usually intent on stealing your data, ransomware simply locks you out of your operating system or encrypts your files so you can’t access them unless you pay up. Some versions even threaten to throw away the key, destroying your data forever if you don’t meet their deadline.

Your family photos? Digital music collection? Years’ worth of financial records? All gone.

“Among the many ways ransomware is unique is in the moral quandary it presents its users,” says PC Magazine. “Thus far the malware's encryption has proven largely bulletproof, meaning that, once infected, the end-user has one of two options: either pay the ransom—thereby funding the activities of the criminals who hacked into their system—or lose the files forever.”

The experience can be dramatic. Some viruses appear to be official notices from the FBI claiming you’ve been caught watching illegal porn, buying drug paraphernalia or downloading a pirated movie. Sometimes the ransom note is delivered through your speakers in the “booming voice of a stranger demanding a Bitcoin payment,” says Time Magazine.

Many people choose to pay it. Hackers launch ransomware attacks against millions of American computers a year, and some of the viruses boast success rates as high as 41 percent. While the average victim only shells out around $300, it can add up to around $150 million a year in the pockets of cybercriminals.

Even if you do pay the ransom, there’s no guarantee your files will be restored.

Keeping kidnappers out

Want to avoid having to choose between funding hackers and losing all your files? Here are some ways you can protect yourself from ransomware:

Back up your hard drive weekly. The most important thing you can do to protect yourself from ransomware is regularly back up all of your important files. That way, even if your computer becomes infected, you’ll have a way to restore your files without paying the ransom. This removes the hackers’ key bargaining chip.

Ignore that attachment. Most people get ransomware from infected emails that entice them to click a link or download an attachment. As soon as they do, the malware hijacks their device. Never download anything from an email address you don’t recognize. “Many cyber security experts warn that people should be particularly skeptical of emails with attachments that appear to be from trusted brands, like FedEx or Amtrak, when they arrive unexpectedly,” says Time.

Install the latest operating system. Always make sure you have the latest version of your operating system with the most updated security features. This helps prevents hackers from exploiting common vulnerabilities.

Renew your antivirus software. Ransomware often evades antivirus detection, so keeping your software up to date doesn’t make you invincible. Still, it’s a basic security habit that will help ensure you stay as protected as possible.

Block popup ads. People commonly get viruses from clicking on malicious popup ads. Keep your ad blocker enabled to avoid accidental clicks. If a popup does appear, close it by clicking the X in the right-hand corner; stay away from buttons within the ad.

Having your device hijacked by ransomware can leave you feeling helpless and angry—but it doesn’t have to.