When you think of being ransomed, an image of individually cut-out magazine letters spelling out a threatening message may come to mind. However, ransom has become much more high-tech today.
Crypto-ransomware is a form of malware that not only restricts someone from accessing their computer files—it encrypts them too. Therefore a decryption software must be used in order to unscramble the documents before getting them back. However, in order to get them back, the hacker demands a ransom, usually in an untraceable currency like Bitcoin, or else the files will be lost forever.
A report from F-Secure Labs, a company with a mission of "digital freedom", evaluates crypto-ransomware from a customer standpoint - those who are the victims of an attack.
Their findings are surprising in that some of these hacking sites have FAQ pages, customer support, and a free trial of their decryption software - even though they are the ones that encrypted your files in the first place.
All this is aimed at getting the victim to trust the hackers enough to actually send them the money—or else the whole venture is worthless.
The team at F-Secure Labs tracked down some of these sites and created a fake email account to communicate with the hackers as someone trying to get their files back. They rated 5 different "families", as they put it, on their professionalism, informativeness and instructiveness, language support, free trial decryption, support channels, and negotiation.
Overall, the team found that 75% of the hackers would negotiate, "averaging a 29% discount from the original ransom fee," the study says, as well as that "families with the most professional user interfaces are not necessarily also those with the best customer service".
What do these ransoms cost? F-Secure Labs found a range of $150 due at the end of one day, to $1,900 due at the end of three days.
In order to reduce the risk of attack, make sure your important documents are backed up in a separate location, and take care when opening email attachments, especially from unknown sources.
