Why you should never pay hackers if they take over your computer
Patrick Lux/Getty ImagesIf you're not familiar with ransomware yet, expect to hear a lot more about it this year.
Ransomware, which is a form of malware, works by either holding your entire computer hostage or by blocking access to all of your files by encrypting them.
Once infected, a person generally receives a message stating that he or she must pay a certain amount of money, usually $500 or more, to get the key that will decrypt their data.
Yeah, it's a huge headache. And according to security experts, it's going to become more of a problem this year.
In fact, just last week it was revealed that the Hollywood Presbyterian Medical Center paid $17,000 in ransom to hackers who had taken the hospital's computer system hostage.
Now, it turns out the hospital was able to successfully retrieve the data that was stolen after paying the hackers. But security experts tell Tech Insider that paying cyber criminals to get your data back is usually not the best course of action.
"It's like a hostage situation most of the time. We do not negotiate with terrorists, we do not give into threats. It's kind of like the same thing with ransomware," Liviu Arsene, a senior E-threat Analyst at the security company BitDefender, told Tech Insider.
"I mean we do not encourage people to pay the ransom because it only fuels the cybercriminals means to continue developing more advanced and sophisticated ways of delivering that ransomware to your computer," he said.
What's more, there is never a guarantee that after you pay the hackers will give you the decryption key to unlock your data, Arsene said. And even if you do opt pay the ransom and end up getting your information back, there's a good chance the hackers will come after your data again asking for more money because they know you will pay, Chris Weber, co-founder of Casaba Security, told Tech Insider.
And yet, an astonishing number of people still choose to pay the ransom.
According to a recent BitDefender study, about 50% of ransomware victims have paid their extortionists and another 40% percent of people said that they would pay if it happened to them.
Weber said people usually opt to pay because it is the easiest option and because they fear that if they don't pay, the cyber extortionist might actually threaten to do more damage.
"There's always this lurking fear of 'Well, they got into my system so what else did they compromise? Did they compromise any of my passwords? Or any of my other stuff? How deep did they go?'" Weber said. "And so all you want is to just get rid of them and paying the ransom seems like the best way to do that."
People are also opting to pay because in many cases it is their only hope of ever seeing their data again, Arsene said.
In many cases, people do not have any sort of backup of their computer files stored on an external drive, Arsense said. And unfortunately, that is really the only way to regain access to your files without trying your luck with paying the ransom.
"If you don't have a back-up and you don't have protection, you are gambling," Arsene said.
However, Arsene said there are a few things you can do to help prevent becoming a victim of ransomware.
First, you should never open email attachments from people you don't know, as phishing emails are the primary way computer systems become infected with ransomware.
Second, keep all software on your devices up-to-date so that vulnerabilities are always patched.
And third, use a back-up solution that is not tied to your network and is completely offline. If you back up your files on an external device connected to the network, then hackers may be able to infect it wil ransomware as well, so make sure it is offline.
"It's not difficult to do, you can have an external storage device, plug that into your laptop every now and again and then remove it. And then in case something happens, at least you will have a week worth of data lost, but you will have all of the weeks before," Arsene said.