Bad Actors Still Raking Profit From Ransomware

Ransomware is the most efficient malware used by cyber crooks. Affecting everyone and everything, from regular Internet users to enterprises to critical infrastructure, it continues to wreak havoc on a global scale. So why do hackers still win?

Cyber criminals who unleash ransomware have learned that attacks targeting large corporations yield much more profit than en masse attacks on random endpoints. At the same time, these large infrastructures still rely on unpatched or unpatchable legacy systems that are highly vulnerable to cyber-attacks.

When victims are left without a choice

Ransomware families like WannaCry, NotPetya, GandCrab, Ryuk, SamSam, and more have inflicted billions of dollars of damage worldwide, crippling businesses and critical infrastructures alike.

One example is the attack on Garfield County in Utah, where officials paid the ransom in Bitcoin to regain access to their systems and data. The type of ransomware used in the attack is not known, but it is believed the operators encrypted not just the county’s live data but also the backups, leaving officials no choice but to pay and hope to get back what was theirs. However, paying the ransom doesn’t always yield the decryption keys from the attacker, for example when the attack was only meant to disrupt.

Big businesses on target

The Garfield County attack is just one example where the victim had no choice but to cave in to the attackers’ demands. GandCrab operators reportedly demanded $700,000 per server for decryption. Some paid, while others didn’t.

Refusing to pay the ransom doesn’t deter attackers, because they know they stand a good chance of getting paid if the damages are high for the victim. Examples include the City of Atlanta, which SamSam struck last year, and Norsk Hydro, where an attack this year crippled the company’s aluminum smelting facilities and power plants. The victims incurred losses in the tens of millions of dollars, making one wonder what the outcome would have been had they paid. These attacks make headlines that future victims will read and ponder, increasing their anxiety and the likelihood that one or two will cave in and pay.

Another emerging trend in recent years is targeting healthcare facilities. Here again, IT administrators find it easier to consider paying the ransom. The reason is simple: freezing a medical center’s operation puts lives at risk, and patient health history could be lost forever.

How to stop the attack – better safe than sorry!

Ultimately, the attackers know that targeting big players will yield handsome money. With their greedy demands, ransomware operators are raking in the moolah. That’s why it is important that organizations equip themselves with the knowledge and technology to detect and prevent a ransomware attack.

Source: https://securityboulevard.com/2019/04/why-ransomware-continues-to-be-an-immensely-profitable-business-for-bad-actors/

Julia Sowells

Julia Sowells has been a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm in her role as security consultant while continuing to write for Hacker Combat in her limited spare time.
