Is The Boom In Ransomware Stabilizing?

Ransomware has been through a meteoric rise over the past 12 months. Going from a barely known form of malware to one of the most commonly deployed threats around, the criminal world appears to be fully incorporating ransomware into its business model.

That’s according to Palo Alto Networks, who’ve released a new report studying this form of attack. Considering 2016 has seen several institutions including hospitals being held hostage by ransomware, as well as through DDoS ransom demands, it’s evident that the revenue generated from online crime is becoming less dependent on consistently compromising more databases and user accounts to then sell on. 

The money is coming from the victims themselves, who are consensually handing money over to criminals in order to access their photos, movies and other files that attackers have encrypted and threatened to permanently delete.

How do they know? Well as with all economies, prices give us the best indication of what’s selling and what’s in demand. For example, the price of pagers plummeted when mobile phones hit the market, new ideas and products entering a market can lead to old products/sources of revenue going down the ladder or fading into non-existence. 

What Palo Alto has observed is the average price for stolen records online is now falling rapidly, having reached a new low of $6 per record, compare to a previous average price of $25. This shows people are assigning a much lower value to them, meaning the online criminals who buy them are sourcing revenue from other means. We can tell this new revenue is often being drawn from ransomware attacks as we’ve seen such a dramatic increase in instances of these attacks, with many victims coughing up. Returns on these attacks are often as high as several hundred dollars or above.

By the way, you definitely shouldn’t pay up.

Anyway, the reason security experts are starting to get extra anxious is because of the proliferation of smart devices. Yes, as usual, the Internet of Things means this situation of incessant ransom attacks may go from bad to worse. 

This is because so many of the company’s manufacturing these devices don’t bother adding serious security measures to their products. Whether to keep costs down or simply because developers don’t see it as a priority is a discussion for another time, but the key takeaway is that several devices will be open to being held to ransom, causing headaches the world over for web users and security teams.

IT Secrity Guru

« Germany's Intelligence Chief Accuses Russia of Cyber Warfare
Is Edward Snowden Really A Russian Agent? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

HB-Technologies

HB-Technologies

HB-Technologies is pioneer in Africa, in digital security, embedded electronic and IT solutions based on highly secure smart cards that comply with international standards and norms.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

Oligo Security

Oligo Security

Oligo aims to streamline the usage of open source by making it secure and easy to protect. Through focusing developers on the relevant vulnerabilities we make the fixing process significantly shorter.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

Cork

Cork

Cork is a purpose-built cyber warranty company for managed service providers (MSPs) serving small businesses (SMBs) and the software solutions they manage.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.

Elitery

Elitery

Elitery is an IT-managed service company that focuses on cloud and cybersecurity services.