Ransomware

Ransomware is a type of malware that encrypts the victim's personal data until a ransom is paid. Difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are commonly used for the ransoms, making tracing and prosecuting the perpetrators difficult. Sometimes the original files can be retrieved without paying the ransom due to implementation mistakes, leaked cryptographic keys or a complete lack of encryption in the ransomware.

Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction.

Starting as early as 1989 with the first documented ransomware known as the AIDS trojan, the use of ransomware scams grew internationally. There were 181.5 million ransomware attacks worldwide in the first six months of 2018, 229% more than the first six months of 2017. In June 2014, security software company McAfee released data showing that it had collected more than double the number of ransomware samples that quarter than it had in the same quarter the previous year. CryptoLocker was particularly successful, procuring an estimated US$3 million before it was taken down by authorities, and CryptoWall was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over US$18 million by June 2015. In 2020, the US Internet Crime Complaint Center (IC3) received 2,474 complaints identified as ransomware, with adjusted losses of over $29.1 million. The losses could exceed this amount, according to the FBI. Globally, according to Statista, there were about 623 million ransomware attacks in 2021, and 493 million in 2022.