Is Ransomware Holding Your PC Hostage?

Ransomware isn’t a new threat, but it is a growing one. According to new research released from Symantec, ransomware has become increasingly effective over the course of the last year and is set to become a major security trend to watch in 2013.

Symantec’s research found that nearly 3 percent of all those who are attacked by ransomware end up paying the attackers. Hackers command ransoms of up to $460 per machine.

In a ransomware attack, a user’s PC is infected with malicious code that lock ups the machine and its data. The user is then presented with a ransom note, demanding money be paid to retrieve and restore the data.

Kevin Haley, director, Symantec Security Response, told eSecurity Planet that while ransomware has been around since 2009, in the past it didn’t work as well. Previously it was relatively easy to un-encrypt the ransomed data. As well, payment mechanisms used to be more problematic for attackers, as they could easily be blocked.

New and Naughty

Ransomware has evolved and attackers have solved those issues. The ransom messages themselves also have improved, tricking users into thinking their desktops have been locked by legitimate law enforcement agencies. Over the past 18 months, Symantec has identified at least 16 different ransomware variants.

According to Symantec’s investigation, one ransomware operation was able to infect 68,000 machines in one month. The requested ransom was $200, with a 2.9 percent success rate. All told, the attacker could have pocketed $394,400 in one month alone.

From an infection perspective, Haley noted that pornographic websites have often been the carriers of the malware that leads to ransomware exploitation. Attacks can be resident in iFrame-based attacks and in advertising networks. The attackers then rely on attempting to embarrass the user to pay up.

Ransomware is now expanding beyond porn sites and is accelerating deployment in spam distribution networks.

Detecting Ransomware

While ransomware is a growing threat, Haley said Symantec does a good job of blocking malware with its security technologies. He admitted, however, that it is possible for some attacks to get through. Symantec maintains a long list of anti-virus definitions to help detect ransomware attacks and updates it daily for customers.

“Standard best practices would apply in general to prevent ransomware infections,” Haley said. “But if you do get infected, there are also tools to get it off safely.”

Ransomware victims should never pay to retrieve their data, Haley warned. “Once they get your money, they don’t care and they still won’t give you back your data.”

Sean Michael Kerner is a senior editor at, the news service of the IT Business Edge Network. Follow him on Twitter @TechJournalist.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. After carefully surveying the...

Top Endpoint Detection & Response (EDR) Solutions for 2021

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top Next-Generation Firewall (NGFW) Vendors

Cybersecurity is getting more complicated, and so are security products. NGFWs are no exception, and IoT devices and the work-from-home craze that began in...

Related articles