These newer incarnations can be incredibly difficult to defeat, and advancements in open-source encryption mean they’ll only get trickier. A recent spate of attacks on police computer systems showed the sophistication of modern ransomware: When small police departments in Massachusetts, Tennessee, and New Hampshire were hacked, they found their vital databases encrypted and inaccessible.
The departments were hit with ransom notices for their data, and couldn’t get around the encryption even with help from private cybersecurity firms and the FBI. (An FBI official said this year that some viruses are so good that “the easiest thing may be to just pay the ransom.”) All three departments paid ransoms ranging from $500 to $750 to regain access to their data.
Those payouts are larger than usual: The average ransom ask is $300. Researchers think that prices are generally low because hackers have found an equilibrium at which they can extort a few hundred dollars from a whole lot of people.
And since anything with a computer for a brain and an Internet connection is vulnerable to a virus, hackers with lofty ambitions can go after a wide range of devices. Conjure up that laundry list of “Internet of Things” gadgets: smartphones, fitness bands, smartwatches, fridges and ovens, smart locks, thermostats.
One strain of ransomware targets Android phones, tricking users into granting it elevated privileges and then immediately changing the device’s PIN. Users find themselves unable to get into their own phones, and have to either pay a hacker hundreds of dollars to regain access, or reset the phone to factory settings and lose the contents.
Others target modern Internet-connected television sets. In late 2015, as an experiment, a researcher at the antivirus company Symantec purposely infected his own smart TV with ransomware with a “man-in-the-middle” attack: Using a device on the network that inserted itself between the TV and the Internet, the researcher was able to intercept the TV’s request for a certain app and deliver an infected version instead.
As soon as the malicious app was installed, it locked up the TV and displayed an ominous ransom note in Russian. The researcher was unable to uninstall the virus-ridden app, and the manufacturer’s tech support couldn’t help remove it, either. He finally cleared the virus using a debugging mode that he’d previously enabled as a last-resort backup measure.
The recent explosion of ransomware will only continue as more everyday objects are connected to the Internet. Newcomers to the Internet of Things are likely to have weaker security systems than computers or servers, which for decades have been designed to weather online attacks. As manufacturers crank out new connected devices, a high priority on functionality can drive them to cut security corners in the name of convenience.