Like what you've read?

On Line Opinion is the only Australian site where you get all sides of the story. We don't
charge, but we need your support. Here�s how you can help.

  • Advertise

    We have a monthly audience of 70,000 and advertising packages from $200 a month.

  • Volunteer

    We always need commissioning editors and sub-editors.

  • Contribute

    Got something to say? Submit an essay.

 The National Forum   Donate   Your Account   On Line Opinion   Forum   Blogs   Polling   About   
On Line Opinion logo ON LINE OPINION - Australia's e-journal of social and political debate


On Line Opinion is a not-for-profit publication and relies on the generosity of its sponsors, editors and contributors. If you would like to help, contact us.


RSS 2.0

How to stop ransomware

By David Balaban - posted Wednesday, 16 March 2016

Cyber extortion by means of ransomware or DDoS attacks has grown tremendously over the course of just several months. Black hat hackers now utilize encryption technologies to monetize their viruses. Criminals found that stealing data is not as profitable as encrypting it. They infect computers, lock all files and ask for ransoms to be paid in digital moneylikeBitcoin. Security experts say ransom Trojans cipher files so strongly that they can only be decrypted with the help of secret keys that the perpetrators possess.

The offenders target all of us: individuals, non-government organizations, businesses, governments. They calculate the ransom sum depending on the target. Individuals usually have to submit 400 USD, while organizations like the recently compromised Hollywood hospital are forced to pay much more. Victims have two choices – lose data or pay. In most cases they end up paying to criminals, and this gives a boost to the cyber extortion market.

Hospitals, critical infrastructure entities, and police departments are very vulnerable. Files on their computers are precious. From the purely economic perspective, it is many times cheaper for organizations to pay hackers once in a while than prevent ransomware by investing in cybersecurity. Even the FBI people suggest to pay. The FBI is pretty much helpless at this point. The encryption is strong, and the cybercriminals are all oversees, usually in Eastern Europe and Russia.


Abandoned by law enforcement and security experts, the ransomware business is becoming a serious threat. A single virus called Cryptowall reportedly earned its operators more than 325 million dollars in ransoms. Meanwhile, people's lives are in danger when surgeries get postponed in hospitals paralyzed by these plagues.

Cyber extortion should be made unprofitable to stop this epidemic. Victims should stop paying. This can be done by improving legislation and policies. Paying ransoms should be treated as funding criminals/terrorism and therefore considered illegal.

Pros of making ransom payments illegal:

Psychologically, knowing that something is illegal is a big restraining factor.

Economically, huge fines can be imposed for paying ransoms. This will raise the cost to a whole new level, much higher than criminals demand. From the economic point of view, using security solutions and introducing security training - which is not cheap - will still be cheaper and cost-effective.

Potential victims will take their security posture more seriously, protecting their own and, more importantly, their clients' data.


A poll proved people support more the initiative to make ransom payments illegal. And yet, there are still a lot of people who object, so, actually it's a serious question.

Paying ransoms is already illegal in many countries.

  • Easy money will push more criminals to engage in ransomware activities, causing a snowball effect and more attacks.
  • Ransom demands are growing. Criminals ask for millions already.
  • By quickly agreeing to pay you just prove you are an easy target and can be infected again.
  • By paying you simply get your files back. Even if you remove the virus you cannot be sure there is no backdoor left. Remediation is not cheap for businesses; they still have to rebuild the whole network from scratch to make sure all is clear.
  • A real-world example: terrorists clearly figured out which governments pay ransoms for their citizens. Of about 53 hostages taken by al-Qaeda and its affiliates from 2009 to 2014 most were Europeans, while only 3 were Americans. This might be seen as evidence that the logic behind America's policy of not paying is sound.
  1. Pages:
  2. Page 1
  3. 2
  4. All

Discuss in our Forums

See what other readers are saying about this article!

Click here to read & post comments.

9 posts so far.

Share this:
reddit this reddit thisbookmark with Del.icio.usdigg thisseed newsvineSeed NewsvineStumbleUpon StumbleUponsubmit to propellerkwoff it

About the Author

David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation. David runs the project.

Other articles by this Author

All articles by David Balaban

Creative Commons LicenseThis work is licensed under a Creative Commons License.

Article Tools
Comment 9 comments
Print Printable version
Subscribe Subscribe
Email Email a friend

About Us Search Discuss Feedback Legals Privacy