Even After Cryptographic Malware Attacks, File Decryption Will Not Always Require a Ransom

Every computer operating system in widespread use today maintains an idea of permissions, with certain accounts and processes only being allowed to do particular things. An average user, after all, would normally have no need to alter or overwrite the files that the kernel of an operating system depends upon in order to function. While the various arrangements of these kinds contribute to improved security, none of them are ever bulletproof. There are still effective ways for criminals and digital attackers to do real harm, as by identifying and leveraging vulnerabilities in particular pieces of software.

In many cases, though, it turns out to be easiest for attackers to have others do their dirty work for them. Given that the owner of a computer, smartphone, or other digital device will generally have fairly full control over the software that it runs, this is one avenue of attack that criminals regularly seek to make use of. By persuading a person to run a malicious–though probably harmless-seeming–piece of software, a criminal can often subvert security measures that would otherwise have held up.

In many cases today, the goal will be to have a computer or smartphone run an illicit piece of software that thereafter begins encrypting all the files it can find. By using advanced cryptographic measures that are essentially irreversible by those who lack the appropriate key, such small, stealthy software programs can quickly do a great deal of potential damage.

What will typically follow once that has been achieved will be a demand for ransom. Generally setting a deadline for a few days off, hackers will require that a certain sum of money be paid by either an online, cryptographic currency or through the use of untraceable gift cards of various kinds. Should the payment be received in time, the files that were being held for hostage will then normally be released.

However, it is also sometimes possible to simply carry out this file decryption directly. Of the most commonly deployed software programs like this, the keys used by a number have been discovered in the wild. A quick consultation with a knowledgeable technologist will therefore often reveal that no ransom needs to be paid at all.