After WannaCry and NotPetya, ransomware dwindled in 2017

Hackers wreaked havoc all summer with ransomware. Researchers from Malwarebytes think users might have stopped hackers by getting smart.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read
A photo of a combination lock backlit with a pink glow. According to a report from Malwarebytes, hackers launched fewer ransomware attacks in 2017 starting in August.

According to a report from Malwarebytes, hackers launched fewer ransomware attacks in 2017 starting in August.

James Martin/CNET

After a year of headline-grabbing ransomware campaigns, it looks like hackers are launching the attacks less frequently.

Ransomware is malicious software that can lock up your files until you send hackers a ransom payment. It featured in the WannaCry attacks in May and the NotPetya attacks in June, both of which swept through hospitals, banks and governments in several countries. But after July, the rates of ransomware infections dropped sharply, according to a report from Malwarebytes.

If the trend continues, it would mean a reprieve from an attack that targeted institutions where time is money, like banks, or where lives could hang in the balance, like hospitals.

So why would hackers ditch one of their favorite attacks? It turns out that computer users have a really valuable tool against ransomware: backing up their files. 

That's according to Chris Boyd, a malware analyst at Malwarebytes, who told ZDNet that publicity around the major ransomware attacks probably helped educate people about how to avoid needing to pay by uploading files to the cloud or a backup device. 

"This alone, even without additional security precautions, effectively deadens the otherwise considerable sting of the threat," Boyd told ZDNet, a CNET sister site. The company sells a product that detects and blocks malicious software for businesses and regular computer users.

That's not to say hackers aren't hacking. They've simply turned to other kinds of attacks to steal money, such as banking trojans and adware, both of which are old-school hacking tricks.

Hackers are also still innovating. Adam Kujawa, director of malware intelligence at Malwarebytes, said the biggest trend he observed in December was the rise of "crypto-jacking." That's when websites you visit secretly use your computer's processing power to run a program that creates bitcoins. 

That lets hackers make money off your computer. And, Kujawa said, "it wears down resources really fast," slowing down your computer's performance.

But hey, at least you can still access your files.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Logging Out: Welcome to the crossroads of online life and the afterlife.