• Tech

You Asked: What Is Ransomware?

5 minute read

There you are, surfing the web — maybe you’re catching up with Facebook friends, or perhaps you’re reading the news — and seemingly out of nowhere, a window pops up, stopping your computer in its tracks. And there’s only one way to make it go away — pay up.

It’s an absurd scenario, the kind you might find in a movie, right? Tell that to the thousands of people who have been hit with these so-called “ransomware” attacks to date.

“It actually is a phenomenon,” says Candid Wueest, Symantec’s principal threat researcher. Wueest investigates all sorts of bugs that attack computers and mobile devices via the Internet. The first known cases of ransomware date back to 2005, says Wueest, but infections have increased every year since. And last year, ransomware incidents exploded 113% compared to the year before.

“At the moment we’re probably around 30,000 infections per day around the globe,” says Wueest.

There are many different ransomware viruses floating around the web. But in general, they work like Trojan horses, infecting your computer without you knowing. But in this case, the bugs aren’t corrupting your files, they’re locking them down. Ransomware can encrypt everything from your documents to your photos, and without the correct password to unlock them, you may never be able to open these files again. To get that password, you have one option: follow the ransomware’s instructions, which usually involves making a payment to hackers in the amount of — get this — $300.

Technically, the sums vary, but $300 is the average. “We’ve seen some which ask for $500 or even $700, but that seems to be over the top,” says Wueest, who notes that some ransomware even has dynamic pricing depending on the country you’re in. For instance, a virus in the U.S. might ask for $700, but that same bug in India will only require for $500 for the password.

In other words, the key for the hackers behind this scheme is asking for enough money to make the hustle worthwhile, but not so much that the victim can’t afford to pay. And even though the payouts are just hundreds of dollars at a time, quick math shows ransomware is a multi-million dollar industry.

The savviest ransomware not only capitalizes on users’ precious data — like irreplaceable family photos or the only draft of an in-progress novel — but it can also prey on their deepest fears. For example, one virus displays a screen warning users the FBI is on to all those movies they’ve downloaded illegally. And sure enough, lots of people who get that fake warning pay a fine to avoid prosecution. “Many people may have something in their closet that they think maybe was illegal,” says Wueest. “A lot of them started to pay.”

What can you do if you fall victim to ransomware? Sometimes it’s not much, as hackers’ methods are getting more advanced all the time. “The newest versions [of ransomware viruses] have strong, state-of-the-art cryptography which is used all over the Internet, like online banking and e-commerce,” says Wueest. And every victimized computer has its own distinct decryption key — so there’s no secret password that will magically open these locks.

That’s not to say that computers are completely defenseless. According to the FBI, the government is taking proactive steps to shut down these viruses before they reach your computer. And authorities worldwide are working with digital security companies like Symantec to find the digital kidnappers and bring them to justice. But these hackers can be hard to catch because work they in small, anonymous groups located in far-flung countries with largely ineffectual law enforcement.

“We track a few different groups,” says Wueest. “One group made $34,000 in its first month — that’s a pretty good income for a small group.”

But there are ways to protect yourself from these schemes. First, back up your data regularly. Keep your information in a safe place offline, because under the right circumstances ransomware can infect networked storage or even cloud-connected drives. Secondly, use anti-virus software. Ransomware can infect computers in different ways, like launching through email attachments or via malicious code embedded on a website — but anti-virus software is designed to catch these bugs before they take hold. And finally, keep your software and operating system up-to-date. Many viruses exploit weaknesses in older computer programs, which is one reason software developers are constantly issuing patches and bugging you to install them.

Failing these three measures, if you’re infected, you may just have to pay up to free your data. But there’s a catch: Should you actually trust these thieves to provide the decryption key? “We have seen instances where that actually is true and people did get data back, but we don’t recommend it,” says Wueest. That’s because even if you do manage to wring your files from hackers’ grasp, the money you pay them will further fuel their nefarious efforts. And by making you admit defeat, they’ll become emboldened and continue to shake down other Internet users. In other words, the best defense is avoiding ransomware before it takes hold of your computer in the first place.

More Must-Reads from TIME

Contact us at letters@time.com