Thousands of people will have their personal files held hostage this year.
Every so often someone invents a new way of making money on the Internet that earns wild profits, attracts countless imitators, and reshapes what it means to be online. Unfortunately, such a shift took place last year in the world of online crime, with the establishment of sophisticated malicious software known as ransomware as a popular and reliable business model for criminals.
After infecting a computer, perhaps via an e-mail attachment or a malicious website, ransomware automatically encrypts files, which may include precious photos, videos, and business documents, and issues an electronic ransom note. Getting those files back means paying a fee to the criminals who control the malware—and hoping they will keep their side of the bargain by decrypting them.
The money that can be made with ransomware has encouraged technical innovations. The latest ransomware requests payment via the hard-to-trace cryptocurrency Bitcoin and uses the anonymizing Tor network. Millions of home and business computers were infected by ransomware in 2014. Computer crime experts say the problem will only get worse, and some believe mobile devices will be the next target.
One of the first pieces of ransomware to gain traction last year, Cryptowall, added the twist of using the Tor anonymity network, allowing its operators to hide the location of their computers. Between mid-March and late August last year, Dell SecureWorks logged nearly 625,000 Cryptowall infections, including more than 250,000 in the U.S.
Another piece of ransomware, CTB Locker, is the fastest-growing today, says Dawda. It uses stronger encryption than previous specimens, the same Tor trick as Cryptowall, and even a clever “freemium” design: victims get a chance to decrypt some of their data for free to demonstrate that paying up really will work. CTB Locker comes in several versions, in languages including Italian, Dutch, German, and Russian, as well as English. It is spreading most rapidly in Germany, Poland, Mexico, and South America, says Dawda.