Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Ransomware Is Not a “Malware Problem” – It's a Criminal Business Model

Ryan Olson, Unit 42 Analysts, Palo Alto Networks | May 13, 2016
Ransomware has existed in various forms for decades; but, in the last three years, criminals have perfected the key components of these attacks.

2. Higher Ransoms 

The majority of single-system ransomware attacks charge a ransom between US$200 and US$500, but the values can be much higher. If attackers are able to determine that they have compromised a system which stores valuable information, and that infected organization has a higher ability to pay, they will increase their ransoms accordingly. We have already seen this in a number of high-profile ransomware attacks against hospitals in 2016, where the ransoms paid were well over US$10,000.

3. Targeted Ransom Attacks

A targeted intrusion into a network is valuable to an attacker in many ways. Selling or acting on stolen information is a common technique, but it often requires additional "back-end" infrastructure and planning to turn that information into cash. Targeted ransomware attacks are an alternative for attackers who may not know how else to monetize their intrusion. Once inside a network, attackers can identify high-value files, databases, and backup systems and then encrypt all of the data at one time. These attacks, using theSamSa malware, have already been identified in the wild and proven lucrative for the adversaries conducting them.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.