Hospitals and other healthcare providers across England were forced to cancel countless appointments and divert ambulances on Friday after a massive ransomware attack crippled their computer systems. In the hours that followed, the crisis spread to facilities in dozens of other countries, according to news reports.
FedEx was one of the big corporations affected by the attack, telling NBC News that "like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers."
Although this latest attack was massive in scope, ransomware threats often strike the personal computers of individual consumers, too.
Here’s what you need to know and how to protect yourself.
What is ransomware?
Ransomware is a form of malware designed to steal money from individuals, businesses and other organizations by holding their data hostage. Imagine coming home to find a big padlock on your front door and a criminal standing next to it, demanding money to let you in. That's ransomware. Only instead of being locked out of your house, you're locked out of all your personal files. The next time you log on, your computer displays a ransom note saying your data has been encrypted, with instructions on how to pay to unlock it.
Can hackers really make money doing this?
Oh, yes. Ransomware is big business. Ransoms can range from a few hundred to thousands of dollars and are usually paid in the "virtual" currency Bitcoin, which is nearly impossible to trace. In some cases, the longer you wait to pay, the higher the ransom becomes.
According to cybersecurity firm Symantec's Internet Security Threat Report released in April, the number of new ransomware strategies uncovered during 2016 more than tripled to 101, while the number of ransomware infections the company spotted jumped 36 percent. Verizon's recently released 2017 Data Breach Investigations Report notes that ransomware accounted for 72 percent of the malware incidents involving the healthcare industry last year.
Why is this particular ransomware attack significant?
Friday's attack affected at least 25 of the UK's National Health Service's hospitals and other organizations. But NHS says it was not the specific target of the attack. It does not appear that patient information was accessed, according to the organization, but its investigation into the matter is still in the early stages. Barts Health, which manages a handful of major hospitals in London and elsewhere, also confirmed it was experiencing a "major IT disruption."
The malware arrived in encrypted files distributed by email. Once a computer was infected, the user received a note demanding $300 in bitcoin to restore access to patient information and other data on the device.
The attack quickly spread to other countries. CNN put the figure at 74.
Has this ever happened in the US?
Yes. One of the best known examples involved L.A.'s Hollywood Presbyterian Medical Center, which in February 2016 said it paid a ransom of $17,000 to get its computer systems unlocked.
Because of the large amount of personal information collected about patients, hospitals and other healthcare providers are prime ransomware targets. If a doctor can't access information about a patient's medications and pre-existing conditions, it's virtually impossible to provide treatment, forcing the doctor and patient to reschedule appointments. And that can result in millions of dollars in lost productivity.
So, even though medical computer systems are routinely backed up, and nearly all that data can be recovered and restored, hospitals often pay the ransom in an effort to speed things up and minimize financial losses.
How do you get infected?
Whether they involve a computer network run by a business or hospital, or just an average person's personal PC, most ransomware infections happen when a user is lured by a bogus “phishing” email to a site that infects his or her computer, or by clicking on an attached file that secretly installs it.
How can you avoid having your data taken hostage?
You avoid ransomware the same way you avoid any malware infection: By being careful. While that's not always easy, there are things you can do to steer clear of problems.
- Don’t casually click a link inside an email; instead, type the web address directly into your browser.
- Never open an attachment unless you were expecting to receive it and you're certain of what it is.
- Don't spend time in the disreputable corners of the internet that specialize in risqué content or pirated movies; you can get infected simply by visiting a dodgy site.
- Never install software just because a web site tells you to do it.
- And always keep a backup copy of all your personal files on a separate drive or with a "cloud"-based backup service. That way, if the worst happens, you'll always have access to your most important data.
Copyright © 2006-2017 Consumer Reports, Inc.