Some forms of cyber extortion are automated and not targeted at any specific victim. For example, “ransomware” refers to a type of malware that prevents users from accessing their systems unless, and until, a ransom is paid. Although variants of ransomware operate differently many encrypt the contents of a victim’s hard drive using asymmetric encryption in which the decryption key is stored on the attacker’s server and is available only after payment of the ransom. Victims typically discover the ransomware when they receive an on-screen message instructing them to transfer funds using an electronic currency, such as bitcoin, in order to receive the decryption key and access to their files. “CryptoLocker” is the most famous ransomware family and first appeared in 2013.
In November 2016, the FTC issued guidance for businesses on how to avoid and respond to ransomware attacks in its How to defend against ransomware1 and Ransomware – A closer look.2
The following provides a snapshot of information concerning ransomware:
The number of entities that reported being victimized by Ransomware over a six month period.3
The average ransom amount associated with ransomware.4
Percentage increase in new ransomware attacks.5
$200 - $5,000
Typical range of ransomware demands.6
What to think about if your organization is impacted by ransomware:
1. FTC, How to defend against ransomware (November 10, 2015), https://www.consumer.ftc.gov/blog/how-defend-against-ransomware?utm_source=govdelivery.
2. FTC, Ransomware – A closer look, (November 10, 2015), https://www.ftc.gov/news-events/blogs/business-blog/2016/11/ransomware-closer-look?utm_source=govdelivery.
3. FBI, 2014 Internet Crime Report at 47 available at IC3.gov (last viewed Nov. 22, 2015).
4. Symantec, Security Response: The Evolution of Ransomware (Aug. 6, 2015) at 5.
5. Beazley, Beazley Breach Insights (October 2016) at 1, available at: https://www.beazley.com/documents/Insights/201610-ransomware-attacks-set-to-quadruple-in-2016.pdf.
6. FBI, Ransomware on the Rise: FBI and Partners Working to Combat This Cyber Treat (Jan. 20, 2015).