Ransomware gold mine for hackers?
Ransomware is a booming business for the criminals who have decided this is the way to make money in the future. How much money, you may ask?
Ransomware operators took in nearly $1 billion in pilfered loot during 2016. Using ransomware to encrypt or delete files is a highly persuasive way to get people to pay up or risk losing all their data. One notable payee was Hollywood Presbyterian Hospitals in California, which paid over $17,000 to retrieve its highly private patient files and medical histories. The CEO felt this was the quickest and easiest way to restore its patients' data and continue daily operations without any delays. Los Angeles Hospital had to shut down its network of computers and medical equipment to avoid further encryption of its files. The hospital staff had to resort to faxing and phone calls to try to keep things going, and patients were being turned away because intake procedures were not up and running. The domino effect of unplugging networks can be costly and time consuming. Hence many of these hostages end up simply paying the ransom and preventing future attacks of this kind.
How do they intend to prevent future attacks of this specific type?
The first step is users becoming more aware of the tactics hackers use to get their payload into the system. Namely, the best form of deployment is through some type of phishing email. Another step may be better antivirus technology with self-learning algorithms, producing smart software able to stop attacks without patches or updates. Next, industries from around the globe can share their ideas to help dispose of the newer and newer viruses found in their geographic areas. All of these preventive measures will surely help against the rising tide of ransomware, but will they stop the ever-increasing flow?
The money trail is staggering: according to bitcoin specialists, ransomware payments totaled nearly $1 billion. They found three bitcoin wallets associated with the Locky ransomware strain that had each accumulated $50 million, and a fourth that had $70 million. CryptoWall had gathered close to $100 million for its creators; it would have gotten more, but it was shut down last year. CryptXXX was able to gather $73 million during the last 6 months of 2016, and Cerber took $54 million to the bank. Smaller ransomware strains such as Apocalypse, FLocker, and Kozy.Jozy, just to name a few, collected nearly $150 million. The FBI reported $209 million in ransomware payouts from individuals and enterprises. In addition, there were $800 million in known payments. There were many other bitcoin wallets that couldn't be found by researchers and weren't counted, so this may push the grand total beyond the $1 billion mark.
Are the totals realistic?
These totals have been confirmed to be within reason by experts in the field. Some say they may even be low, because the total does not include some non-reported entities. Bitcoin payments will be harder to track in the future, as the criminals are using many different accounts to mask their illegal activity. There was a 400 increase in the amount of ransomware variants in 2016, and many experts expect to see an increase of up to 25% of that number in 2017. The criminals will continue to use phishing attacks to gain access to users' machines and will probably not stop inventing newer and better ways to increase the dollar volume. The increase will level off compared to the 100% increase of last year.
Law enforcement has teamed up with large antivirus vendors to create a new obstacle for criminals. Intel, Kaspersky Lab, Europol, and the Dutch Natl. High Tech crime force formed a new alliance: “No More Ransom”. In addition to this alliance, many police agencies in other countries have organized to prevent ransomware from developing further into an unstoppable entity. These collaborations will help to shut down teams of hackers and will possibly lower the amount of ransomware being developed in the future.
These anti-ransomware alliances are also distributing free information on how to lower your chances of being infiltrated by any form of ransomware. The big antivirus vendors are also rolling out new ways to defend against ransomware: sandboxing, new technologies, and intelligence sharing. One of the biggest problems is that criminals are constantly evolving to create better ways to bypass antivirus software. Since they know the vendors' plans, which the vendors must share publicly, and can send their malware through sample antivirus software engines, they have a bit of an advantage over those vendors.