Is The Boom In Ransomware Stabilizing?

Ransomware has been through a meteoric rise over the past 12 months. Going from a barely known form of malware to one of the most commonly deployed threats around, the criminal world appears to be fully incorporating ransomware into its business model.

That’s according to Palo Alto Networks, who’ve released a new report studying this form of attack. Considering 2016 has seen several institutions including hospitals being held hostage by ransomware, as well as through DDoS ransom demands, it’s evident that the revenue generated from online crime is becoming less dependent on consistently compromising more databases and user accounts to then sell on. 

The money is coming from the victims themselves, who are consensually handing money over to criminals in order to access their photos, movies and other files that attackers have encrypted and threatened to permanently delete.

How do they know? Well as with all economies, prices give us the best indication of what’s selling and what’s in demand. For example, the price of pagers plummeted when mobile phones hit the market, new ideas and products entering a market can lead to old products/sources of revenue going down the ladder or fading into non-existence. 

What Palo Alto has observed is the average price for stolen records online is now falling rapidly, having reached a new low of $6 per record, compare to a previous average price of $25. This shows people are assigning a much lower value to them, meaning the online criminals who buy them are sourcing revenue from other means. We can tell this new revenue is often being drawn from ransomware attacks as we’ve seen such a dramatic increase in instances of these attacks, with many victims coughing up. Returns on these attacks are often as high as several hundred dollars or above.

By the way, you definitely shouldn’t pay up.

Anyway, the reason security experts are starting to get extra anxious is because of the proliferation of smart devices. Yes, as usual, the Internet of Things means this situation of incessant ransom attacks may go from bad to worse. 

This is because so many of the company’s manufacturing these devices don’t bother adding serious security measures to their products. Whether to keep costs down or simply because developers don’t see it as a priority is a discussion for another time, but the key takeaway is that several devices will be open to being held to ransom, causing headaches the world over for web users and security teams.

IT Secrity Guru

« Germany's Intelligence Chief Accuses Russia of Cyber Warfare
Is Edward Snowden Really A Russian Agent? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

JLT Specialty

JLT Specialty

JLT Specialty is a leading specialist insurance broker. Services offered include Cyber Risks insurance.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

SHe CISO Exec

SHe CISO Exec

SHe CISO Exec is a sustainable global training and mentoring platform in information security and leadership.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

at-yet (@-yet)

at-yet (@-yet)

at-yet are an interdisciplinary team of experts. We are all about achieving results, whatever the situation – an acute incident, risk minimisation, safeguarding or data protection.

Hurricane Labs

Hurricane Labs

Hurricane Labs is a managed security services provider (MSSP) that focuses on Splunk.