Ransomware has become a significant source of income for cybercriminals, with both private and public organizations in the crosshairs.
Many companies have found it easier to bite the bullet, pay the ransom and resume operations rather than attempt to restore their data on their own or risk double extortion, where stolen data is leaked if the ransom is not paid.
However, cybersecurity firm Emsisoft argues that the cost of ransomware has grown too high and that an all-out ban on ransom payments is the answer.
Drying up the digital goldmine
In a blog post, the firm points out that in 2023 the average ransomware payment reached $1.5 million, up 29,900% from 2018, when the average payment was around $5,000. This rapid increase in the capital flowing to cybercriminals has funded a corresponding rise in the tooling and tradecraft available to cyber gangs, to the point that initial access to organizations is now bought and sold as a commodity.
Emsisoft also asks what drove such a rapid increase in ransom demands, questioning whether cyber insurance, particularly policies that cover ransom payments, may have fuelled the unprecedented growth in both attacks and revenue for cyber gangs.
There is also the human cost to consider: an estimated one person per month in the US dies as a result of ransomware, most likely because of the disruption an attack causes to schedules, patient records and service availability.
Last year, the Counter Ransomware Initiative – a coalition of 50 countries looking to curb ransomware – committed to a non-payment policy for all ransom demands made against government institutions. However, this policy does not cover private enterprise, which still accounts for a significant share of cyber gangs' income.
One of Emsisoft’s threat analysts, Brett Callow, stated in the blog post that, “Current counter-ransomware strategies amount to little more than building speed bumps and whacking moles. The reality is that we’re not going to defend our way out of this situation, and we’re not going to police our way out of it either.
“For as long as ransomware payments remain lawful, cybercriminals will do whatever it takes to collect them. The only solution is to financially disincentivize attacks by completely prohibiting the payment of demands. At this point, a ban is the only approach that is likely to work.”
The post acknowledges that a ban would not stop every payment, as that would be unrealistic; some companies would circumvent the ban and pay anyway. Its main purpose would be to disrupt the flow of capital enough that ransomware is no longer a viable source of income, at which point Emsisoft expects cyber gangs to shift to activities that have less impact on businesses and organizations.
Cyber gangs are profit-motivated entities, so the reasoning is that if attacks are disrupted enough and successful extortion becomes difficult enough, the gangs will lose the incentive to keep carrying out these kinds of attacks.
Via The Register