Ever since cybercriminals started using ransomware for extortion, businesses have been attempting to resist. Things are now changing: according to a report from Phys.org, businesses are now stockpiling bitcoin in order to meet ransom demands that, if unpaid, would lead to a loss of valuable data.
Cybersecurity experts have recently changed their advice on how to deal with cyber extortionists. Although it is clear that businesses that pay are giving the bad guys a reason to keep going, paying now seems to be the advisable choice. As Paula Long, chief executive at DataGravity, puts it, companies can’t put themselves at risk just because of moral superiority.
Companies are now setting up bitcoin wallets to be able to respond to cyber extortion. Numerous law firms have even stepped in to facilitate negotiations, according to the report, as hackers operate globally. Security firm Symantec estimates businesses face ransoms that average between $10,000 and $75,000, while individuals face ransoms in the $100-$300 range.
Extortionists know the data they encrypt is valuable, but don’t offer businesses any sympathy. The Los Angeles Community College District (LACCD) recently paid criminals $28,000 in bitcoin. Often lives are at stake: when healthcare networks are attacked, their services can’t be provided. That, however, didn’t stop criminals from forcing them to pay nearly $100,000 in ransom last year.
Law enforcement in the U.S. counsels businesses to keep backup copies of their data in case they are targeted by extortionists. According to Leo Taddeo, former head of the FBI’s New York office cyber division, the bureau’s official policy is that businesses shouldn’t pay the bitcoin ransom.
Practicality, however, forces businesses to set up bitcoin wallets in order to pay the ransom and get back up and running. It’s common for businesses to have only a few days to pay a bitcoin ransom or lose their data. For some, it may be impractical to set up a wallet and acquire bitcoin in such a short time.
Raj Samani, chief technical officer at Intel Security, said:
“If you’re hit by ransomware today, you have only two options: You either pay the criminals or you lose your data. We underestimated the scale of the issue.”
Only 1 in 4 businesses, however, reportedly get their files back after paying the ransoms.
The report also notes that some companies consider ransomware a huge threat to businesses nowadays. Recorded Future, a threat intelligence company, stated ransom payments reached $1 billion last year, a 4,000 percent increase. Cybersecurity company Kaspersky Lab estimates that one business is hit every 40 seconds on average. An individual, on the other hand, is attacked every 10 seconds.
Cybersecurity firm Barkly points out that fewer than half of ransomware victims fully recover their data. Moreover, the #1 delivery vehicle for ransomware is email, followed by websites or web applications. Phys.org’s report states all it takes is one employee to click, and the whole network may be compromised.
Ransomware is a profitable business. The authors of Cryptowall 3.0 ransomware, a strain of malware, made roughly $325 million from their victims by demanding bitcoin payments, in less than one year.
The idea of paying bitcoin extortionists, however, isn’t pleasing to some and, as such, defenses have been created. Cybereason, a Boston-based cybersecurity company, has developed software that, according to the company, detects 99 percent of all ransomware strains. It’s called RansomFree and has been downloaded over 125,000 times.
Last modified (UTC): February 21, 2017 19:46