How much do you know about ransomware?

Ransomware attacks are getting more frequent and more expensive. Businesses and cities of all sizes, as well as individuals, are increasingly finding their files and computers frozen and held hostage if payment isn’t made. 

Damon McCoy (CSE), a member of NYU’s Center for Cybersecurity, gives some insight on the nuances of ransomware, explaining how this form of activity has grown with the times, from floppy disks and physical mail, to gift cards and cryptocurrency. 

McCoy noted that since ransomware attacks are profit motivated — and if nobody paid, therefore, attackers would have no money to invest in more-sophisticated forms of attack, CISA and the FBI don’t recommend paying ransoms. The problem, Prof. McCoy said, is that for individuals and companies, it’s often more economical to pay the ransom than to not pay it.

“That’s kind of what perpetuates the problem, is that it makes sense for [individuals] to pay,” he said. “But individually, by paying, they’re fueling the profits and the reinvestment and the sophistication cycle of it.”