At the end of 2012, as the cybersecurity predictions started rolling in for the coming year, one issue kept showing up on virtually everyone’s list. What was that prediction? Ransomware is the next big cyberthreat.

What Is Ransomware?

As the name implies, “ransomware” is malware that prevents you from accessing data or information on your computer until you pay a ransom or a specified amount of money.

Just as sophisticated phishing emails appear to be from trusted financial institutions or other respected companies, ransomware can appear to be from legitimate sources such as legal authorities or even government officials. A demand is usually made for a fine to be paid for the “illegal activity” that was supposedly found originating from your computer. The illegal activity claim could be items like copying songs or duplicating videos and violating copyright laws.  

The two commonest forms of ransomware will: lock the screen with a full-screen image or Web page to prevent access to the computer; or encrypt files with a password that prevents access to data or information.   

The other bad news for those infected with this malware is that paying the ransom does not always return your computer to normal, since users are not typically dealing with reputable actors.

For example, Skype users were targeted last year with a scary message that locked them out of their data, encrypted their files and demanded payment to the tune of $200. This ransomware displayed messages claiming the user was downloading MP3s, illegal pornography, gambling and more. And while the user was locked out of his or her computer, a script was running that was sending thousands of click fraud transmissions.

How Is Ransomware Spread?

Like other forms of malware, ransomware is typically installed on your computer when you click on a malicious link, open an infected email attachment or click on a bad social networking link. You can reduce the likelihood of an infection by using a firewall, updating security patches and ensuring that anti-virus and anti-malware software are working properly on your PC. 

If you think you have ransomware, it’s best to run a system scan with an updated security software solution from a reputable vendor, like Symantec, McAfee or Microsoft. Be advised that some ransomware won’t allow you to unlock the screen, so you may need to restart the computer with an offline disk. And while this may be obvious, you should not pay the ransom, or other complications will likely result.

One example to consider is the FBI MoneyPak Ransomware virus, a.k.a. “FBI virus.” This malware uses social engineering tactics to trick users into thinking that the FBI wants a fine to be paid for illegal computer activity. The ransomware claims, on the fake FBI Web page, that the computer owner may face jail time if the fine isn’t paid on time.

Botcrawl.com describes how to remove the FBI virus, but this is not an easy problem to resolve for most users. There are reports of the virus taking control of webcams. Others with this virus received phone calls from people who claimed to be from Microsoft or even the FBI. These calls are fraudulent, and users who are contacted by someone shouldn’t believe the claims made without proof of identity.

Tip: Technology leaders should train end users to verify all contacts from “authorities” by initiating contact themselves via trusted phone numbers or verified email addresses.

Why Is Ransomware Spreading?

How fast is ransomware growing? One reputable 2012 report claimed that ransomware extorts more than $5 million a year. Other sources say ransomware will surge in 2013 and beyond because it yields faster financial returns for malware makers than the multistep process required for making money, such as building botnets or harvesting credentials for identity theft or other online crimes.

Ransomware victims often pay hundreds of dollars to criminals; whereas other cybercrime activities usually pay much smaller amounts.

In conclusion, ransomware takes advantage of multiple forms of online criminal activity and packages them together to gain maximum impact as fast as possible. Ransomware is a scary evolution of online fraud — and you need to prepare to deal with it.

Dan Lohrmann Dan Lohrmann  |  Contributing Writer

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

Dan Lohrmann joined Security Mentor, Inc. in August 2014, and he currently serves as the CSO and Chief Strategist for this award-winning training company. Lohrmann is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. Read Dan's full bio