Is The Boom In Ransomware Stabilizing?

Uploaded on 2016-07-06 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Ransomware has been through a meteoric rise over the past 12 months. Going from a barely known form of malware to one of the most commonly deployed threats around, the criminal world appears to be fully incorporating ransomware into its business model.

That’s according to Palo Alto Networks, who’ve released a new report studying this form of attack. Considering 2016 has seen several institutions including hospitals being held hostage by ransomware, as well as through DDoS ransom demands, it’s evident that the revenue generated from online crime is becoming less dependent on consistently compromising more databases and user accounts to then sell on. 

The money is coming from the victims themselves, who are consensually handing money over to criminals in order to access their photos, movies and other files that attackers have encrypted and threatened to permanently delete.

How do they know? Well as with all economies, prices give us the best indication of what’s selling and what’s in demand. For example, the price of pagers plummeted when mobile phones hit the market, new ideas and products entering a market can lead to old products/sources of revenue going down the ladder or fading into non-existence. 

What Palo Alto has observed is the average price for stolen records online is now falling rapidly, having reached a new low of $6 per record, compare to a previous average price of $25. This shows people are assigning a much lower value to them, meaning the online criminals who buy them are sourcing revenue from other means. We can tell this new revenue is often being drawn from ransomware attacks as we’ve seen such a dramatic increase in instances of these attacks, with many victims coughing up. Returns on these attacks are often as high as several hundred dollars or above.

By the way, you definitely shouldn’t pay up.

Anyway, the reason security experts are starting to get extra anxious is because of the proliferation of smart devices. Yes, as usual, the Internet of Things means this situation of incessant ransom attacks may go from bad to worse. 

This is because so many of the company’s manufacturing these devices don’t bother adding serious security measures to their products. Whether to keep costs down or simply because developers don’t see it as a priority is a discussion for another time, but the key takeaway is that several devices will be open to being held to ransom, causing headaches the world over for web users and security teams.

IT Secrity Guru

« Germany's Intelligence Chief Accuses Russia of Cyber Warfare
Is Edward Snowden Really A Russian Agent? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

Redicom

Redicom

Redicom is an independent consulting agency focusing on identity management, strong authentication and single-sign-on.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

Resec Technologies

Resec Technologies

Resec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

SecureDrives

SecureDrives

Passwordless Authentication & Encrypted Data Storage Solutions from SecureDrives. We are enabling organisations to work safely and securely, using technology driven solutions.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Persona Identities

Persona Identities

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Forta

Forta

Forta is a real-time detection network for security & operational monitoring of blockchain activity.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.