Story image

Cybercrime selling like hotcakes: Ransomware sales soar 2500% in one year

28 Nov 2017

The way criminals ply their trade has changed dramatically since the rise of the digital era, and not for the better – at least for the victims.

“Twenty years ago, if a crime boss wanted to get rich quick, they’d get a crew together, buy some hot guns, steal a getaway car and rob a bank. In the digital era, stealing massive sums of money is much less risky, and a lot less dramatic,” says Emmanuel Marshall from MailGuard.

“To make a big score in 2017 all criminals need to do is get on the dark web, buy some ready-made ransomware and start firing out emails. It won’t even cost them a lot of money to get started; basic ransomware can be had for a few dollars and run on a phone.”

Marshall says today there are sophisticated and comprehensive operations making and supplying ransomware that even provide IT support to their criminal customers.

Carbon Black recently released a report that revealed sales of ransomware on the dark web have skyrocketed an almost ridiculous 2,500 percent since 2016.

“Basic ransomware can be had for as little as US$0.50 in the illicit software marketplace, so it’s little wonder that this is a booming industry,” says Marshall.

“Because ready-made ransomware is so cheap and ubiquitous now, it’s no longer only malevolent geeks who are capable of running email scams; pretty much anyone with an internet connection, a few dollars and a conveniently sub-par conscience can get into the ransomware racket.”

Furthermore, every single one of the businesses surveyed in the Carbon Black report would be willing to pay a ransom if their files and documents were rendered inaccessible by malware.

Given this amount of ‘willingness’, it’s certainly not hard to see why the sale of ransomware has shot up so much.

“At this point you might be thinking, ‘well it probably won’t happen to my business and even if it does we’ll just pay the ransom and get on with it.’ It might seem like a small inconvenience to deal with a ransomware scam; pay a few thousand dollars and get your files back,” says Marshall.

“The thing business owners forget to factor in is the collateral damage done by a ransomware attack. With the computer system locked up, business will pretty much grind to a standstill.”

This means no communications, no access to accounts, no payroll facilities, and no ability to do work of any kind until the ransom is paid – and even then, there is no guarantee that the criminals will restore access.

“Add to the above, the damage to a company's reputation that being involved in a ransom attack will cause, and the cost of lost opportunities during the time that the computer system is frozen, and you are potentially talking hundreds of thousands of dollars in collateral losses,” says Marshall.

“The impact from cybercrime attacks resonates through every aspect of a company’s business. The perceived vulnerability to attack erodes an organisation’s standing with supply chain partners, investors and the public alike.”

Marshall cited Brad Smith of Microsoft who presented a keynote speech at Microsoft Inspire 2017 to illiustrate that while most businesses use some sort of endpoint virus protection on their computer systems, there is a dawning realisation in the IT world that such measures are no longer effective.

“You can’t defeat the threats of the present with the tools of the past. What we’ve learned is that 90% of all security intrusions start the same way, with an email and a link that takes somebody to a harmful website. Every company has at least one employee who will click on anything, and that is pretty hard to protect against,” says Brad Smith, president and CLO of Microsoft.

In terms of advice for this ransomware epidemic, Marshall says the most commonly recommended protection from ransomware attacks is to practice regular automated backups of important files and data to an off-site storage facility.

However this isn’t always possible (particularly for SMBs), so at the very basic level you should NEVER click on links from unfamiliar email senders and always verify the email is actually from the purported sender by clicking on the ‘details’ box at the top of the message.

Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.