Advances in technology always come at a price.

Once just a hacker’s toy, the computer virus has evolved into something more sinister.

Malware called ransomware, which can hold computer files hostage in exchange for a ransom, is increasing as a menace in Japan.

According to IT security firm Trend Micro, Japanese companies reported 650 cases of ransomware infections in 2015, a more than 16-fold increase on the previous year.

And the spread of malware shows no sign of abating, with a survey in May showing 740 cases in the first three months of this year.

The following is a look at the surging cyberattack risk and how it can be prevented:

How does ransomware infect a computer?

Ransomware often gets into a computer through a malicious email attachment or by a user clicking on a link to a malicious website.

According to one case reported to the government-affiliated Information-technology Promotion Agency (IPA), a person received an email notification of a “new invoice,” with a message written in nonnative Japanese urging the recipient to open an attached file to confirm the details.

In such an example, if the attachment is opened, it can encrypt a user’s personal files, including Microsoft Office files and photos, that are stored on a computer. To restore the files, a ransom as big as millions of yen can be demanded — with payment made online or using the cryptocurrency bitcoin — in exchange for a decryption key to open the hostage files.

Opening a website containing a malicious computer code or loading a malicious online advertisement can allow ransomware to infiltrate a computer. Infected websites are often hard to detect, and even major websites can be hijacked for use in a ransomware attack.

How does ransomware differ from other computer viruses?

Unlike traditional computer viruses, which are often created and spread by people seeking to show off their computer skills, ransomware has evolved as an organized business product, said Joji Hamada, a senior security response manager at Symantec Japan Inc.

Some ransomware viruses are created by hackers and sold on the dark web, the hidden part of the internet that doesn’t appear in a web search, Hamada said. Such viruses are often sold to parties seeking to rob computer users, he added.

The buyer of the virus can start a ransomware business without having to develop software, he said.

Who is being targeted by ransomware?

Recent ransomware targets include companies and institutions such as hospitals, Hamada said.

Hospitals are prime targets because they could risk losing medical data, which might endanger patients’ lives, if they don’t pay a ransom, Hamada said, adding that attackers might think hospitals are more vulnerable to cyberattacks compared with private companies.

Ransomware can also target individuals who don’t use a PC.

In March, ransomware was discovered targeting Android smartphones in a first in Japan. Once a smartphone was infected, the malware locked the device to render it unusable and displayed a countdown timer and message — again written in nonnative Japanese — claiming to be a warning from the Justice Ministry, according to Trend Micro.

The message warned the smartphone owner to pay a ¥10,000 “penalty” via an iTunes gift card to unlock the device otherwise a “case file” would be sent to a court.

Hamada said ransomware poses a greater threat to society in the future, when more internet-linked devices — from home appliances to vehicles — are used in everyday life.

He said hackers might be able to remotely lock the doors of internet-connected cars or even lock the brakes, putting drivers in danger.

“Attackers might do anything to force people to pay money,” Hamada said.

What can be done if a computer is infected?

Unfortunately, once files are encrypted, there is not much victims can do to restore them without paying money, Hamada said.

Worse still, paying the ransom won’t guarantee the files can be retrieved successfully, he said.

“If you want to restore your files . . . it’s up to you whether to pay the money at your own risk,” he said.

But Hamada said he did not recommend paying the ransom because the money will only further fund cybercriminals.

How can ransomware attacks be prevented?

The most important thing is to always keep computer operating systems and software up-to-date, Hamada said.

“Many ransomware infect computers through websites by exploiting bugs in software. It is extremely important to patch security holes,” he said.

Routinely backing up computer data is also effective in minimizing damage, so that important files can be restored as of the last backup even after they have been encrypted.

Trend Micro recommends the 3-2-1 backup rule. It means making at least three copies of the same data and storing them on at least two different media, such as a DVD disk or an external hard drive, and keeping one of those off-site.

Another effective measure is to have reliable anti-virus software installed, so that a dubious email attachment and corrupt websites can be detected and users notified before a ransomware attack, Hamada said.