Ransomware Cost Surpasses $25 Million Mark

Jul 27, 2017

Companies and individuals have paid more than $25 million over the past two years to try to get their computer data back from hackers who hijacked it. This is according to new research by Google about the phenomenon.

Ransomware attacks use software that infects a target's computers and encrypts all the files so that the victims lose access. The perpetrators hold onto the key for decrypting the data until they get their demanded payment, or ransom, which victims typically pay using bitcoin or some other cryptocurrency that is difficult or impossible to trace.

The research, conducted by Google, Chainalysis, University of California at San Diego, and New York University's Tandon School of Engineering, was presented Wednesday at the Black Hat security conference in Las Vegas. Chainalysis is a startup that monitors bitcoin transactions for customers.

Many computer users are very much at risk because Google estimates only 37% of them actually back up the data on their hard drives.

Ransomware has become "a very, very profitable market and is here to stay," Google researcher Elie Bursztein told the BBC news

Related: How to Protect Yourself Against WannaCry Ransomware

Assessing actual payments is tricky, not only because victims typically use hard-to-track cryptocurrency to make payments, but also because most companies are not eager to disclose they've been victimized.

Related: Victims of Petya Ransomware

Thus the researchers relied on reports from victims, but they also found files that were used to infect machines and ran them on their own computers to replicate the process, according to the BBC. Then they monitored network traffic generated by victims to figure out where the money went.

Fortune contacted Google (googl) and NYU requesting access to the report and will update this story as needed.

Victims of fairly recent ransomware attacks include FedEx (fdx), TNT Express service, global shipping giant Maersk. pharmaceutical power Merck (mrk), and San Francisco public radio station KQED.

It is unclear if any of these companies actually paid the ransom.

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: http://www.djindexes.com/mdsidx/html/tandc/indexestandcs.html. S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions