It’s called “ransomware,” and this insidious new type of malware is so widespread that it cost businesses a total of $1 billion in 2016.
Ransomware is a designed to infect and take over a computer system and then block access for the authorized user. Hackers encrypt information critical to the performance of hospitals or even off-shore shipping, for example, then demand cash for the encryption password.
Ransomware’s prevalence increased more than 600% from 2015, according to a report titled “2016 Malware Year in Review,” released Thursday by Phishme.
Will this presidential election be the most important in American history?
“Phishing,” a popular tactic that baits users over email to disclose personal information, is the delivery method for about 90% of ransomware attacks. Phishing typically attempts to acquire sensitive data (like credit card numbers, usernames, passwords, social security numbers) by tricking unsuspecting users to click on infected links.
While ransomware accounts for a large portion of phishing attacks, cybercriminals also remain committed to using more traditional tools for the theft of person information, such as a Trojan, a malicious computer program employed for hacking.
Businesses aren’t the only institutions affected by ransomware and phishing. Other organizations, ranging from hospitals to schools, have fallen victim to the cyber-scheme recent years.
A Los Angeles college decided to pay hackers $28,000 to remove infected software from its computer systems after cybercriminals took the school’s data hostage.
The University of Calgary felt compelled to pay 20,000 Canadian dollars (around $15,700) to hackers who infiltrated the college’s information technology systems roughly a year ago.
The cybercriminals committed the ransomware attack by encrypting the school’s data and keeping critical computer files from officials and staff.
There are several steps people can take to increase their own cybersecurity including two-factor authentication for their devices and accounts. But the best way to specifically combat phishing is to be cautious and skeptical when clicking on a hyperlink (portal to another web address) from email addresses or on sites that are unfamiliar — a hard task for roughly half of the population.
This report, by Eric Lieberman, was cross-posted by arrangement with the Daily Caller News Foundation.
