How Do Hackers Use Ransomware?

malware that locks users' files for ransom still popular among hackers

By Jonny Lupsha, Wondrium Staff Writer

Hackers and other bad actors use the Internet to commit cybercrimes. From identity theft to catfishing, methods of cybercrime seem to be increasing as the years go by. How do hackers use ransomware?

hacker hand on laptop computer keyboard with red binary screen of ransomware attacking. Cyber attack and Internet data security concept
The United States has experienced a significant increase in ransomware attacks over the last several years. Photo by Zephyr_p / Shutterstock

Cybercriminals have evolved their methods over the years. For example, they have long used malware (short for “malicious software”) to hack others’ computers and steal files or information. Others pose as lonely singles to convince targets to send them illicit pictures of themselves, at which point the criminals reveal their true identities and threaten to release the photos to the public unless the target pays them.

The Federal Bureau of Investigation and some of its international partners recently used legal means to hack a ransomware group. Ransomware is a form of malware that encrypts files on the target’s computer and locks them out of it until they pay money to the hacker to release it. In a statement, Attorney General Merrick Garland said the operation saved victims an estimated $130 million.

Ransomware can affect far more than individual computer users. In his video series Assessing America’s National Security Threats, Lieutenant General H. R. McMaster, U.S. Army (ret.), expands on the ransomware threat facing America today.

How Does Ransomware Affect Us?

Unfortunately, malicious hackers are growing in number and skill, and they have ready access to malware. Quantum computers, which use quantum mechanics to solve problems that are too difficult for ordinary computers, are also falling into the hands of bad actors, making it more possible for them to break better and better encryption. Cryptocurrency is also anonymous and, therefore, often used to facilitate extortion and the stealing and transferring of wealth.

“Other technologies that have the potential to do good can also empower criminals and adversaries,” Lt. Gen. McMaster said. “As an example, ransomware attacks that order victims to pay large sums of money to regain access to their digital networks and data—or incur even greater costs to restore them—are skyrocketing.”

In the United States, several organizations have been victims of ransomware. A health network in New Jersey fell prey to a ransomware attack, as have multiple city governments. The private sector has been targeted, too. McMaster mentioned a meat processing plant that was also targeted.

“One, specific example that comes to mind is when the city of Baltimore suffered an estimated $18 million loss after refusing to pay a ransomware demand of $75,000,” he said.

In the bigger picture, states and non-state actors are improving cyberweapons that are able to disrupt infrastructure such as power, transportation, energy, and finance. Whether these attacks are done with ransomware or just as hacks to take these systems down, they could have serious consequences, at least in the short term.

“So, an active cyber defense and cyber offensive capabilities, along with resilient network systems, are essential to achieving meaningful deterrence: convincing enemies and convincing criminals that they cannot accomplish malevolent objectives through cyberattacks,” Lt. Gen. McMaster said. “The United States and its allies must also be prepared to act against hostile actors with sanctions and preemptive or punitive actions in the physical world.”

Assessing America’s National Security Threats is now available to stream on Wondrium.

Edited by Angela Shoemaker, Wondrium Daily