How to Counter a Ransomware Attack

This article first appeared on The Daily Signal.

At this moment, someone's computer and personal data are being held hostage. Many have recently become victims of the cybertactic known as ransomware, including hospitals, schools, police departments, government agencies and private citizens.

Ransomware is a type of malware that infects a computer hard drive or server and locks down or encrypts the information stored on that particular device. The virus then demands that its victim pay a relatively small fee in exchange for unlocking or decrypting the information.

Many have been victimized due to recent public demand for interconnectivity among devices and the increased number of these devices, which create potential ransomware targets. The low level of expertise required to perpetrate these attacks makes them even more prevalent.

The proliferation of ransomware on the Internet is another example of how the cyberthreats can have impact in the physical world. For example, in early February, the Hollywood Presbyterian Medical Center was hit by a ransomware attack that shut down its communication systems for 10 days. This particular scenario presents a dilemma with regard to dealing with ransomware attacks.

Given that lives are on the line when a hospital's system is locked down, the hospital has limited choices. It cannot waste valuable time safely removing the virus, so it is often forced to bite the bullet and pay the ransom in the name of its patients. A proliferation of these dangerous attacks warrants finding solutions to halting them.

Successful ransomware attacks often depend on exploiting the human element by fooling users into clicking on or opening a malicious link or attachment. Consequently, individuals and organizations of all stripes should improve their own "cyberhygiene" practices to deny hackers' success from the get-go.

For example, only a quarter of U.S. households currently back up their data on a regular basis. Individuals and organizations should take preventive steps to ensure that backups are up to date to protect against ransomware attacks.

Information sharing can also benefit cybersecurity efforts with regard to preventing and mitigating these attacks. Sharing information about pre-emptive practices could thwart malware attacks before they have even a chance to occur.

Alternatively, there are known solutions to safely removing certain types of ransomware viruses after they have infected a system. Sharing information on these solutions could mitigate the harm caused to the targets of ransomware.

Improving U.S. cybersecurity is important for preserving U.S. critical infrastructure, online freedom and economic growth. Ransomware might be the newest threat, but it will not be the last.

Evan McDermott is a member of the Young Leaders Program at the Heritage Foundation. David Inserra specializes in cyberpolicy and homeland security policy, including protection of critical infrastructure, as a policy analyst in the Heritage Foundation's Allison Center for Foreign Policy Studies.