At this moment, someone’s computer and personal data are being held hostage. Many have recently become victims of the cyber-tactic known as ransomware, including hospitals, schools, police departments, government agencies, and private citizens.
Ransomware is a type of malware that infects a computer hard drive or server and locks down or encrypts the information stored on that particular device. The virus then demands that its victim pay a relatively small fee in exchange for unlocking or decrypting the information.
Many have been victimized due to recent public demand for interconnectivity among devices and the increased number of these devices, which create potential ransomware targets. The low level of expertise required to perpetrate these attacks means they are even more prevalent.
The proliferation of ransomware on the internet is another example of how the cyber-threats can have impact in the physical world.
For example, in early February, the Hollywood Presbyterian Medical Center was hit by a ransomware attack that shut down its communication systems for ten days. This particular scenario presents a dilemma with regard to dealing with ransomware attacks. Given that lives are on the line when the hospital’s system was locked down, the hospital had limited choices. It cannot waste valuable time safely removing the virus, so it is often forced to bite the bullet and pay the ransom in the name of its patients. A proliferation of these dangerous attacks warrants finding solutions to halting them.
Successful ransomware attacks often depend on exploiting the human element by fooling users into clicking on or opening a malicious link or attachment. Consequently, individuals and organizations of all stripes should improve their own “cyber-hygiene” practices in order to deny hackers’ success from the get-go. For example, only a quarter of U.S. households currently back up their data on a regular basis. Individuals and organizations should take preventative steps to ensure that backups are up to date to protect against ransomware attacks.
Information sharing can also benefit cyber-security efforts with regard to preventing and mitigating these attacks. Sharing information about pre-emptive practices could thwart malware attacks before they have even a chance to occur. Alternatively, there are known solutions to safely removing certain types of ransomware viruses after they have infected a system; sharing information on these solutions could mitigate the harm caused to the targets of ransomware.
Improving U.S. cyber-security is important for preserving U.S. critical infrastructure, online freedom, and economic growth. Ransomware might be the newest threat, but it will not be the last.