The obvious answer is that it works. And that its profitable. However, technology is slowly eating away at older sources of cybercrime revenue. It was not so long ago that the target of hackers was credit card information, and personal information such as S.I.N. or bank account passwords. The paradigm has changed.

  1. Much of this information is no longer easily available. Retailers have started to purge their data bases of CC data, and no longer retain it. PCI compliance which was the Gold Standard for credit card protection, is becoming irrelevant. This source of income for thieves is slowly drying up.
  2. For those who still are focused on stealing this data, the effort is outweighing the reward. Once a system is breached, hackers need to poke around and find what might be of value. This takes time and increases the risk of getting caught.
  3. Companies are reacting much more quickly to data theft, making the information more time sensitive. New technologies provide victim companies with timely alarms and the ability take corrective action (eg: cancel card numbers) more quickly.
  4. Should thieves succeed in finding gold in your data assets, their next step is leveraging this bounty. Information is usually sold, but buyers are increasingly harder to find as the risk of getting caught increases with each transaction.
  5. The potential population of sources is big but not universal. Targets are limited to companies that keep credit cards or other personal informations. This population is restricted to commercial organizations. Not for profits, hospitals, educational institutions, law enforcement haven’t traditionally yielded anything rewarding.

Cyber thieves however are anything but fools. They have had to react to stay in business, and in doing so have come up with a more ingenious method. Rather than stealing data once they have managed a breach, they merely make it inaccessible to its rightful owner. They take nothing, other than your ability to see or use it. Why is this so successful?

  1. The range of targets is much larger, virtually every computer everywhere. If someone has data that would be painful to lose, they are a potential target.
  2. Law enforcement, including the FBI, recommend payment to retrieve encrypted data. What better PR than having the FBI recommend you?
  3. Ransom threats are time sensitive. Victims are threatened with deletion of data if they do not comply. This added pressure increases likelihood of payment.
  4. Encryption of compromised data is virtually impossible to retrieve in the majority of cases.
  5. It is easy to breach a system. Phishing is the primary, preferred method of access. The percent of user clicks on phishing attacks is upwards of 30%.
  6. Since Bitcoins are virtually impossible to track, there is no link back to the thieves, and their risk is significantly reduced.
  7. The number of criminals involved is growing. Knowing the right web sites, anyone can buy ransomware software (Ransomware as a Service) and be in business within an hour. It’s just too easy.

The future of Ransomware is looking bright!. No longer is it restricted to merely encrypting your data. New ransom threats include:

  1. Revealing personal information to the public if payment not made.
  2. Taking over your operations. One hotel recently had all their electronic door locks shut down, so guests could not enter their rooms.
  3. IoT devices are especially susceptible because of their design. These can be commandeered and cause damage or just be a perpetual nuisance.

It doesn’t look like Ransomware attacks will slow down anytime soon. It’s just too easy, safe and lucrative. Our advice;

  1. Keep regular data backups
  2. Employ system protection software, servers and end-points
  3. Education. Your first line of defence is training your users on Phishing awareness. Since Phishing is the strongest tool in the Ransomware arsenal, education is your best bang for the buck. It can reduce your risk by up to 64%

Contact us at for more information.