Ransomware drives cybercrime profits in 2017

Print Friendly, PDF & Email

As you can imagine, ransomware has become a big business for cybercriminals.  Here are some quick numbers to give you a picture of just how big it has become:

Ransomware activity is fueled by innovated, entrepreneurial criminals.  There are a handful of reasons why this type of crime is so lucrative and widespread:

  • There are multiple ways to infect a victim, including email links, email attachments, website exploits, social media campaigns, compromised business applications, and USB drives for offline infection.
  • Mass email infections are cheap and easy, and there's a relatively low risk of getting caught.
  • Ransomware-as-a-Service (RaaS) makes it easier for new people to get into the business of extortion.  The Cerber ransomware variant mentioned above is the world's largest RaaS, and the Satan RaaS we talked about last week is designed for absolute beginners.
  • Many businesses simply aren't willing to lose files to encryption, or they are unprepared to recover from an attack.  It's often cheaper and easier to pay the ransom.

At this point in the lifespan of ransomware, it's prudent to assume that it's not a matter of if you will be attacked, but when.  There's no reason to think that it can't happen to you.  Hospitals, police departments, governments, and educational institutions have all been attacked.  And while you may be one of the people who think you aren't important enough to be targeted, remember that most of these criminals aren't looking for any particular type of victim.  They simply distribute their ransomware and wait for it to call home.  Or in the case of offline ransomware like Zepto, they don't need it to call home.  They simply distribute the files and see if someone makes a payment.

We've talked before about using proper data protection strategies to protect yourself from ransomware.  This is important because if there's no free online decryptor for your files, you will want to be able to restore them from backup so that you don't have to pay the criminal.  Still, the best thing you can do is deploy multiple layers of security throughout your infrastructure and make sure your end-users are aware of the risks.  According to a recent survey, less than half of ransomware victims fully recover all of their data after restoring from backup.  This is largely due to user error on the backup configuration, or backups getting encrypted before the IT department finds the infection.  Additionally, you may inadvertently leak sensitive data to an outside party during the restoration or decryption process, exposing yourself to further types of financial loss.

Ransomware is going to remain a threat for a long time, but defending your organization can be as simple as 1-2-3.  See how Barracuda can help you protect your company from ransomware in three simple steps.


Scroll to top