Ransomware is malicious software that encrypts files and requires a key to decrypt the files. To get the files decrypted, the company or organization must typically pay the hackers a large fee, often in Bitcoin or another cryptocurrency. It is important to note that cryptocurrency payments are one-way transactions that are impossible to trace. There is risk, too. If the hackers do not provide the organization with the decryption key after payment, there is no refund.
Hackers in recent years have targeted businesses such as hospitals for ransomware attacks, as well as cities and towns, large and small. Black hat hackers encrypted the city of Baltimore’s systems, as well as two smaller cities in Florida.
Chokshi, N. (2019, May 23). Attacked With Ransomware, Baltimore Isn’t Giving In. New York Times, p. B6(L).
Mazzei, P. (2019, June 28). Another City in Florida Pays a Ransom to Computer Hackers. New York Times, p. A17(L).
If the organization does not pay the ransom, it would need to either use backups to restore to an earlier network or system state, or to rebuild its systems and data. In the case of the Baltimore city government, its backup systems were also encrypted, so the city was unable to process real estate transactions.
Depending on the complexity of the environment and the amount of data encrypted, this could cost the organization more than the ransom, perhaps even 10 to 20 times the amount.