If you are a victim of ransomware, don’t pay!
That has been the mantra of the FBI for several years now – one that was forcefully echoed by one of the nation’s highest-profile security bloggers – Brian Krebs – in a recent post.
But based on the statistics, either a lot of people aren’t listening, or it’s a bit more complicated than that. The reality is that the success of ransomware isn’t just increasing. It’s exploding.
The Ponemon Institute reported in a study released last month that 48% of businesses victimized by ransomware said they paid.
According to the FBI, the collective amount of ransoms paid in all of 2015 in the US was $24 million. In 2016, it had jumped to $209 million in just the first three months – which means if the growth curve continued it would easily have topped $1 billion by the end of the year.
Of course, that was just what was reported to the FBI and just in the US. The Cyber Threat Alliance (CTA) reported that the global ransomware damages in 2015 just from CryptoWall3 were $325 million.
The latest version, CryptoWall4, has caused an estimated $18 million in damages to 36,118 victims since its discovery last year, the CTA reported.
Numerous other studies have pointed to the ransomware growth curve. Beazley, a breach insurance vendor, reported last fall that based on client trends, ransomware attacks in 2016 would be four times greater than in 2015.
MarketsandMarkets began the year predicting a 16.3% compound annual growth rate in the market for ransomware defense, rising from $8.16 billion in 2016 to $17.36 billion in 2021.
The FBI reported that “one particular ransomware variant compromised an estimated 100,000 computers a day.”
Candid Wueest, a researcher at Symantec, said the company’s Ransomware and Businesses 2016 whitepaper found that ransomware infection numbers spiked to 56,000 last March – double the normal rate.
And the problem is likely worse than the findings. The FBI said many victims don’t report it, “for a number of reasons, including concerns over not knowing where and to whom to report; not feeling their loss warrants law enforcement attention; concerns over privacy, business reputation, or regulatory data breach reporting requirements; or embarrassment.”
Indeed, ransomware is even trendy – at the top of the agenda of this week’s RSA Conference in San Francisco, where there was an all-day “Ransomware Summit” on Monday, led by DataGravity CISO Andrew Hay.
The reasons for its attractiveness to cyber criminals are not complicated. It doesn’t take all that much expertise – it has been widely reported that it is easy for so-called “script kiddies” to buy or lease the malware on the Dark Web.