Ransomware has been through a meteoric rise over the past 12 months. Going from a barely known form of malware to one of the most commonly deployed threats around, the criminal world appears to be fully incorporating ransomware into its business model.
That’s according to Palo Alto Networks, who’ve released a new report studying this form of attack. Considering 2016 has seen several institutions including hospitals being held hostage by ransomware, as well as through DDoS ransom demands, it’s evident that the revenue generated from online crime is becoming less dependent on consistently compromising more databases and user accounts to then sell on. Rather, the money is coming from the victims themselves, who are consentually handing money over to criminals in order to access their photos, movies and other files that attackers have encrypted and threatened to permanently delete.
How do they know? Well as with all economies, prices give us the best indication of what’s selling and what’s in demand. For example, the price of pagers plummetted when mobile phones hit the market – new ideas and products entering a market can lead to old products/sources of revenue going down the ladder or fading into non-existence. What Palo Alto has observed is the average price for stolen records online is now falling rapidly, having reached a new low of $6 per record, compare to a previous average price of $25. This shows people are assigning a much lower value to them, meaning the online criminals who buy them are sourcing revenue from other means. We can tell this new revenue is often being drawn from ransomware attacks as we’ve seen such a dramatic increase in instances of these attacks, with many victims coughing up. Returns on these attacks are often as high as several hundred dollars or above.
By the way, you definitely shouldn’t pay up.
Anyway, the reason security experts are starting to get extra anxious is because of the proliferation of smart devices. Yes, as usual, the Internet of Things means this situation of incessant ransom attacks may go from bad to worse. This is because so many of the companies manufacturing these devices don’t bother adding serious security measures to their products. Whether to keep costs down or simply because developers don’t see it as a priority is a discussion for another time, but the key takeaway is that several devices will be open to being held to ransom, causing headaches the world over for web users and security teams.
You can read Palo Alto’s full report, which provides an overview of the history, present and future of ransomware, available here: http://researchcenter.paloaltonetworks.com/2016/05/unit-42-ransomware-trends/