Story image

Cybercrime selling like hotcakes: Ransomware sales soar 2500% in one year

28 Nov 2017

The way criminals ply their trade has changed dramatically since the rise of the digital era, and not for the better – at least for the victims.

“Twenty years ago, if a crime boss wanted to get rich quick, they’d get a crew together, buy some hot guns, steal a getaway car and rob a bank. In the digital era, stealing massive sums of money is much less risky, and a lot less dramatic,” says Emmanuel Marshall from MailGuard.

“To make a big score in 2017 all criminals need to do is get on the dark web, buy some ready-made ransomware and start firing out emails. It won’t even cost them a lot of money to get started; basic ransomware can be had for a few dollars and run on a phone.”

Marshall says today there are sophisticated and comprehensive operations making and supplying ransomware that even provide IT support to their criminal customers.

Carbon Black recently released a report that revealed sales of ransomware on the dark web have skyrocketed an almost ridiculous 2,500 percent since 2016.

“Basic ransomware can be had for as little as US$0.50 in the illicit software marketplace, so it’s little wonder that this is a booming industry,” says Marshall.

“Because ready-made ransomware is so cheap and ubiquitous now, it’s no longer only malevolent geeks who are capable of running email scams; pretty much anyone with an internet connection, a few dollars and a conveniently sub-par conscience can get into the ransomware racket.”

Furthermore, every single one of the businesses surveyed in the Carbon Black report would be willing to pay a ransom if their files and documents were rendered inaccessible by malware.

Given this amount of ‘willingness’, it’s certainly not hard to see why the sale of ransomware has shot up so much.

“At this point you might be thinking, ‘well it probably won’t happen to my business and even if it does we’ll just pay the ransom and get on with it.’ It might seem like a small inconvenience to deal with a ransomware scam; pay a few thousand dollars and get your files back,” says Marshall.

“The thing business owners forget to factor in is the collateral damage done by a ransomware attack. With the computer system locked up, business will pretty much grind to a standstill.”

This means no communications, no access to accounts, no payroll facilities, and no ability to do work of any kind until the ransom is paid – and even then, there is no guarantee that the criminals will restore access.

“Add to the above, the damage to a company's reputation that being involved in a ransom attack will cause, and the cost of lost opportunities during the time that the computer system is frozen, and you are potentially talking hundreds of thousands of dollars in collateral losses,” says Marshall.

“The impact from cybercrime attacks resonates through every aspect of a company’s business. The perceived vulnerability to attack erodes an organisation’s standing with supply chain partners, investors and the public alike.”

Marshall cited Brad Smith of Microsoft who presented a keynote speech at Microsoft Inspire 2017 to illiustrate that while most businesses use some sort of endpoint virus protection on their computer systems, there is a dawning realisation in the IT world that such measures are no longer effective.

“You can’t defeat the threats of the present with the tools of the past. What we’ve learned is that 90% of all security intrusions start the same way, with an email and a link that takes somebody to a harmful website. Every company has at least one employee who will click on anything, and that is pretty hard to protect against,” says Brad Smith, president and CLO of Microsoft.

In terms of advice for this ransomware epidemic, Marshall says the most commonly recommended protection from ransomware attacks is to practice regular automated backups of important files and data to an off-site storage facility.

However this isn’t always possible (particularly for SMBs), so at the very basic level you should NEVER click on links from unfamiliar email senders and always verify the email is actually from the purported sender by clicking on the ‘details’ box at the top of the message.

Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.