“I remember the time I was kidnapped and they sent a piece of my finger to my father. He said he wanted more proof.”

Rodney Dangerfield

In the 1920s and 1930s, hoodlums, to generate income, kidnapped people and held them for ransom. To advise the victims’ families of their demands, they would write a ransom note. To expedite the process of writing a ransom note and to avoid duplicating effort over multiple kidnappings, one hoodlum, Verne Sankey, prepared a fill-in-the-blank ransom note. It contained such terms as “we are holding ________ for Sixty Thousand Dollars.” It was like a template you might find today on the internet for writing business correspondence: just fill in the blanks to personalize the communication to your specific situation.

Today, it would be very unusual to see a person kidnapped and held for ransom (in the United States, at least). Instead, we are experiencing a growing amount of a different kind of kidnapping, wherein the internet is used to facilitate the crime.

The FBI reported that, in 2022 alone, individuals in the United States handed over 32 million dollars to hackers as ransom payments. This does not include business ransom payments and ransom attacks that were not reported by individuals to the FBI. But who or what was being held hostage that required ransom payment to release? It was the computer files on the victims’ own computers. The hackers didn’t kidnap or steal the files; they just encrypted them with malware so the victims couldn’t access them. Only the hackers had the encryption keys to unlock the files. Without them, the victims would never see their files again. On the other hand, if they paid up, the victims were promised an encryption key to unlock their files. Of course, there is no guarantee that if they paid the ransom they would get the key. So, they paid, in 2022 alone, millions of dollars to hackers. This crime not only continues today, but is growing to be a much more serious problem.

To begin to understand the crime of ransomware and how it works, we need to address the concept of encryption. Encryption is a method of scrambling a message so it becomes unreadable. The only way to then read the message is by decrypting it with a key. Unless you have the key, it is impossible to decipher it. Encryption is not a new thing, of course; it has been used for centuries. In wartime, for example, messages were encrypted to prevent them from being read if they fell into enemy hands.

Today, however, hackers have found a way to victimize us via our computers, using encryption technology and the old-fashioned technique of holding something valuable for ransom.

The name for this is ransomware. It’s today’s version of kidnapping. In reality, there is no actual “kidnapping” of your information. You still have it, since it resides on your computer and was never absconded with at all. However, the information, such as your documents, pictures and other files, is encrypted and rendered unreadable by you or anyone else who doesn’t have the encryption key. Guess who has the encryption key? The hackers, of course. And what do they want before they give you the decryption key? Your money, of course. How much they demand depends on who the victim is. For a business, it could be thousands of dollars or more. For an individual, the ransom demand is usually about $500. Want to see your family photos that you uploaded to your computer alive again? Pay the ransom. Want to see your spreadsheets? Pay the ransom. Want to see your stored letters? Pay the ransom.

Ransomware has reached epidemic proportions, and it only seems to be getting worse. In May 2017, a ransomware attack dubbed “WannaCry” hit thousands of computers in over 100 countries. Much of the effect was felt by the business community. Organizations are particularly vulnerable to ransomware, as their computer files are needed to operate their business.

Ransomware starts when a victim opens an email sent to them by hackers. In most cases, just opening the email will not do anything to the victim’s computer. However, if the victim clicks on a link or an attachment in the email, a ransomware attack can occur.

The demand for payment, or ransom note, appears on your computer screen, delivered through the malware that resides on your computer. If you become a victim of this type of cyber fraud, you have a few choices:

  1. Pay the ransom and hope you get the decryption key. I say “hope” because there is no guarantee that the hackers will follow through on their promise to give you the key. In most cases, however, the hackers will give you the key because they want to maintain their reputation for excellent customer service. (What’s next, a customer satisfaction survey? “How was your hacking experience with us? Click on the smiley face or frowny face.”) The FBI does not recommend that anyone pay ransom in cases like this because, for one thing, it emboldens the hackers. The money that you pay might be used to fund other criminal activities as well. But, in truth, paying may be your only option if you have no other way to recover your files.
  2. Thumb your nose at the hackers and refuse to pay on principle, or for any other reason. In this case, you may never get your files unlocked.
  3. Contact a computer professional and see if there is any way they can decrypt your files without obtaining the key from the hackers. In some cases, this may be possible, depending on the type of encryption that was used to lock up your files.
  4. Recover your files from an unencrypted backup. This is your best option and it guarantees that you can recover your files without paying a ransom. However, there is one caveat: you need to have backed up your files. If there is one thing that people are complacent about, it’s keeping a current backup.

You can back up to a hard drive or flash drive that is connected to the computer. If you use this option, it’s a good idea to disconnect the drive when you are not backing up. If your backup drive is connected all of the time, the backup files on it could also be encrypted by malware at the time of an original infection. Back up to the hard drive and then disconnect it.
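A backup taken after an infection can overwrite the good copies on the drive with encrypted ones. The following sketch is an added example, not part of the original article: it refuses to run a backup when most previously backed-up files have changed into random-looking data or disappeared. The manifest file name and both thresholds are assumptions chosen for illustration.

```python
import hashlib, json, math, shutil
from collections import Counter
from pathlib import Path

MANIFEST = "manifest.json"   # hypothetical file name, kept on the backup drive
ENTROPY_LIMIT = 7.5          # bits/byte; assumed threshold (encrypted data is near 8.0)
CHANGED_LIMIT = 0.5          # assumed: stop if over half the known files look wrong

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(src: Path) -> dict:
    """Map each file's relative path to its SHA-256 digest and entropy."""
    snap = {}
    for p in sorted(src.rglob("*")):
        if p.is_file():
            data = p.read_bytes()
            snap[p.relative_to(src).as_posix()] = {
                "sha256": hashlib.sha256(data).hexdigest(),
                "entropy": round(entropy(data), 2)}
    return snap

def guarded_backup(src: Path, dst: Path) -> dict:
    """Copy src to dst unless the source looks mass-encrypted since the last run."""
    manifest = dst / MANIFEST
    old = json.loads(manifest.read_text()) if manifest.exists() else {}
    new = snapshot(src)
    # Known files whose content changed from ordinary data to random-looking data.
    suspicious = [f for f, m in new.items()
                  if f in old and m["sha256"] != old[f]["sha256"]
                  and m["entropy"] > ENTROPY_LIMIT and old[f]["entropy"] <= ENTROPY_LIMIT]
    # Known files that vanished (for example, renamed with a new extension).
    missing = [f for f in old if f not in new]
    if old and (len(suspicious) + len(missing)) / len(old) > CHANGED_LIMIT:
        return {"copied": False, "suspicious": suspicious, "missing": missing}
    dst.mkdir(parents=True, exist_ok=True)
    for f in new:
        (dst / f).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src / f, dst / f)
    manifest.write_text(json.dumps(new, indent=1))
    return {"copied": True, "suspicious": suspicious, "missing": missing}
```

Files that are already compressed, such as JPEG photos or ZIP archives, sit close to the entropy limit before any encryption, so the entropy test only covers files that started out as ordinary text or documents; the missing-file count is what catches the rest when they are renamed.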

Another option for backup is the cloud. These services are generally considered secure and may provide protection against ransomware. In most cases you should be able to recover your files from the cloud in the event of a ransomware attack.

You might be wondering why law enforcement doesn’t go after and catch the people or groups behind the ransomware attacks. There are two reasons why there has not been an effective law enforcement response to the ransomware epidemic. The first has to do with how the money is transferred to the crooks when victims pay the ransom. In most cases, the ransom is demanded in the virtual currency Bitcoin. Its use by the hackers renders traditional law enforcement techniques for following the money ineffectual.

The second reason is that even if law enforcement could follow the money to the hackers, they can’t arrest them. It is believed that most cases of ransomware originate outside of the United States, and U.S. authorities would need the cooperation of the countries where the hackers live to arrest and prosecute them. Law enforcement doesn’t often get that cooperation.

In short, it’s been difficult to stop the hackers involved in ransomware attacks. Ultimately, the solution lies with the victims and potential victims, who are all of us. The answer lies with prevention—namely, two simple things we can all do to stop ransomware from infiltrating our lives.

First, it’s key to stop a ransomware infection before it starts, by being careful where you click. As discussed previously, don’t click on links or attachments in suspicious emails, those from unknown senders, or emails that don’t make sense. Second, back up your computer files on a regular basis, either on a hard drive or flash drive. Disconnect it after you have finished backing up. Cloud backup is another option.

If we take preventative steps to make sure we are not victimized by ransomware, we will render the crooks’ business model ineffective. A lack of profit from the crime will cause the crime itself to dry up and go away.