CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Security

Ransomware became three times as expensive in 2016

The average price to free your computer from ransomware used to be $294. It's more than tripled in the last year.

gettyimages-150653265.jpg

Ransomware averages at $1,077 per victim now. It might be cheaper to just do this.

Andy Short/PC Gamer Magazine via Getty Images

It's getting more expensive to keep up with ransomware.

As victims struggle to deal with cyberattacks locking up their systems, payouts are on the rise for hackers who target entire computer networks. Ransomware hides onto computers before encrypting important files, demanding victims pay up if they ever want access again.

Throughout 2016, ransomware has become an increasingly popular malware for hackers, hitting San Francisco's public transportation system, Congress and hospitals. As hackers find creative ways to extort money by holding computers hostage, ransoms are becoming less affordable while the malware becomes tougher to crack. In the near future, the average person might not even be able to pay off ransomware, even if he or she wanted to.

The MIRCOP ransomware demanded $28,730 from victims, the highest price seen during 2016.

Two cybersecurity reports pointed at the startling growth of ransomware attacks during 2016. Ransomware attacks have increased by 50 percent in 2016 from 2015, now the fifth most common type of malware. In 2014, it was only the 22nd most common, according to Verizon's 2017 Data Breach Investigations Report.

The report also found that ransomware made up more than 70 percent of malware attacks on the health care industry, which includes hospitals, pharmacies and insurance agencies.

In 2016, Symantec found 463,841 instances of ransomware attacks, which rose from 340,665 in 2015. They also discovered 100 new variations of ransomware, tripling since last year. Over the last year, the security company found an average of 1,271 ransomware attacks each day.

Ransomware's rise comes from both how easy it is to share the malware, as well as how profitable the attacks are. When cyber criminals can share the software with each other and send out ransomware to infect systems in mass amounts through email, it's a quick formula for an easy buck.

"Ransomware has shown a propensity for monetization and automation," said Gabriel Bassett, the Verizon's report co-author. "As long as the industry allows the same things to work, we're not going to see huge changes because the attacks are all economically driven."

In 2015, the average profit for a cyber thief through ransomware was $294. Symantec found in its Internet Security Threat Report that demands have more than tripled, jumping up 266 percent to an average $1,077 per victim. Depending on how important the files are, it might be cheaper to just buy a new computer.

They can afford to raise the price when the majority of victims are willing to just pay the price. In the US, 64 percent of ransomware victims opt to pay the ransom, with the software often times being too difficult to crack, even for the FBI.

Attacks have become more sophisticated, going after entire drive systems as opposed to specific files to hold hostage. Ransoms can now also increase for every day it's not paid, and some ransomware function as pyramid schemes, offering freedom if victims can infect two or more people.

Organizations like No More Ransom are fighting back against ransomware with free decryption tools. The group estimates that they've blocked cyber criminals from receiving more than $3 million in ransomware payouts since forming in July 2016.