When officers in the Tewksbury, Mass., police department first noticed that something was wrong on their network, they initially thought it was a typical malware infection. For an individual victim, a ransomware infection may mean the loss of photos, financial information and other important files, but for a government agency or enterprise, it could spell disaster. And their revenue streams depend upon their victims having no other options but to pay the ransom. Variants like CryptoLocker are sophisticated pieces of malware written by professionals with one goal in mind: making money. It’s an incredibly frustrating and scary situation for the victims, particularly those who aren’t technically savvy and don’t understand what the consequences of the attack are.Īlthough security experts almost always recommend that victims not pay the ransom to get their files back, for many victims, there is no other choice. Unsuspecting victims visit a compromised Web site or open an infected attachment in a spam email and soon discover that their PCs are locked up, or worse yet, their hard drives have been encrypted and the malware is demanding a payment in order to set the victims’ data free. The threat posed by ransomware–especially crypto ransomware variants such as CryptoLocker, Crowti, Cryptowall and many others–for years has mainly affected consumers. The vital files and data the Tewksbury Police Department needed to go about its daily business had been encrypted and held for ransom, a scenario that is becoming increasingly common in enterprises and municipal agencies. In early December, as most people were dealing with the stress of looking for the perfect holiday gifts and planning out their upcoming celebrations, police officers in a small New England town were under a different sort of pressure.