Imagine turning on your computer and seeing the message: “We have encrypted all your files. Pay us a ransom if you want them back.” This is ransomware, a costly form of cyber-extortion. In February, Hollywood Presbyterian Hospital paid a $17,000 ransom to get its files back after a ransomware attack. The problem has become so serious that the United States Computer Emergency Readiness Team (US-CERT) recently issued an alert advising organizations to strengthen their information security management practices to manage the risk of ransomware.
Ransomware encrypts the files on your computer or network with an ‘encryption key’ known only to the cybercriminal. The cybercriminal then offers to sell you the key to decrypt your files. Ransomware, like other forms of malware (malicious software), often gets onto a computer through phishing. Other ‘delivery vectors’ include booby-trapped websites and infected USB drives.