Symantec’s research found that nearly 3 percent of all those who are attacked by ransomware end up paying the attackers. Hackers command ransoms of up to $460 per machine.
In a ransomware attack, a user’s PC is infected with malicious code that lock ups the machine and its data. The user is then presented with a ransom note, demanding money be paid to retrieve and restore the data.
Kevin Haley, director, Symantec Security Response, told eSecurity Planet that while ransomware has been around since 2009, in the past it didn’t work as well. Previously it was relatively easy to un-encrypt the ransomed data. As well, payment mechanisms used to be more problematic for attackers, as they could easily be blocked.
While ransomware is a growing threat, Haley said Symantec does a good job of blocking malware with its security technologies. He admitted, however, that it is possible for some attacks to get through. Symantec maintains a long list of anti-virus definitions to help detect ransomware attacks and updates it daily for customers.
“Standard best practices would apply in general to prevent ransomware infections,” Haley said. “But if you do get infected, there are also tools to get it off safely.”
Ransomware victims should never pay to retrieve their data, Haley warned. “Once they get your money, they don’t care and they still won’t give you back your data.”