Ransomware has become a major source of revenue for cybercriminals, targeting both private and public organizations.
Many companies have found it easier to bite the bullet, pay the ransom and resume operations rather than face the alternatives of trying to secure their data or suffering double extortion.
However, cybersecurity firm Emsisoft believes the cost of ransomware has become too high and has stated its belief that a blanket ban on related payments is the solution.
The drying up of the digital gold mine
In a blog post, the company points out that in 2023, the average payment for ransomware was $1.5 million, an increase of 29,900% from 2018, when the average payment was around $5,000. This rapid increase in capital acquired by cybercriminals has also led to a large increase in the technology and techniques available to cyber gangs, allowing access to organizations to be bought and sold as a commodity.
Emsisoft also questions the factors that have led to such a rapid increase in ransom demand, and wonders whether cyber insurance, especially those with ransomware protection, will lead to such an unprecedented increase in both attacks and revenue for cyber gangs.
The human cost must also be taken into account: an estimated one person per month is killed by ransomware in America, likely due to the disruption an attack can cause to scheduling, patient data and service availability.
Last year, the Counter Ransomware Initiative – a collection of 50 countries aiming to curb ransomware – committed to a no-payment policy for all ransom demands on government agencies. However, this policy does not cover private companies, which remain an important source of income for cyber gangs.
One of Emisoft's threat analysts, Brett Callow, stated in the blog: “Current strategies against ransomware amount to little more than building speed bumps and hitting moles. The reality is that we will not defend our way out of this situation, nor will we extricate ourselves from it.
“As long as ransomware payments remain legitimate, cybercriminals will do everything they can to collect them. The only solution is to financially discourage attacks by banning the payment of demands completely. At this point, a ban is the only approach that is likely to work.”
The blog points out that a ban would not amount to a complete non-payment of all ransoms, as that would be unrealistic. Some companies would undermine that ban and still pay. The main goal of a ban would be to disrupt the flow of capital and make ransomware no longer a viable source of revenue. Emsisoft believes that cyber gangs would turn to methods that have less impact on companies and organizations.
Cyber gangs are profit-motivated entities. Therefore, it is believed that if ransomware attacks are sufficiently disrupted and the possibility of successful extortion becomes more difficult, the gangs will lose the motivation to continue perpetrating these forms of attacks.
Through The register