Ransomware has become a significant source of income for cybercriminals, with both private and public organizations in the crosshairs.
Many companies have found it easier to bite the bullet, pay the ransom and resume operations rather than face the alternatives of trying to secure their data or face double extortion.
However, cybersecurity firm Emsisoft thinks that the cost of ransomware has grown too high and has declared its belief that an all out ban on related payments is the answer.
Drying up the digital goldmine
In a blog, the firm points out that in 2023, the average ransomware payment reached $1.5 million, up 29,900% from 2018 when the average payment was around $5000. This rapid increase in the capital acquired by cyber criminals has also led to a major rise in the technology and techniques available to cyber gangs, allowing for access into organizations to be bought and sold as a commodity.
Emsisoft also queries the factors that led to such a rapid increase in ransom demands, questioning if cyber insurance, particularly those with ransomware protection, may have driven such an unprecedented increase in both attacks and revenue for cyber gangs.
There is also the human cost to consider, with an estimated one person being killed by ransomware per month in America likely due to the disruption an attack can cause to schedules, patient details and service availability.
Last year, the Counter Ransomware Initiative - a collection of 50 countries looking to curb ransomware - committed to a non-payment policy for all ransom demands on government institutions. However, this policy does not cover private enterprise which still accounts for a significant source of income for cyber gangs.
One of Emisoft’s threat analysts, Brett Callow, stated in the blog that, “Current counter-ransomware strategies amount to little more than building speed bumps and whacking moles. The reality is that we’re not going to defend our way out of this situation, and we’re not going to police our way out of it either.
“For as long as ransomware payments remain lawful, cybercriminals will do whatever it takes to collect them. The only solution is to financially disincentivize attacks by completely prohibiting the payment of demands. At this point, a ban is the only approach that is likely to work.”
The blog points out that a ban would not be about complete non-payment of all ransoms, as that would be unrealistic. Some companies would subvert that ban and pay anyway. The main purpose of a ban would be to disrupt the flow of capital, and make ransomware no longer a viable source of income. Emsisoft believes that cyber gangs would turn to methods that have less of an impact on businesses and organizations.
Cyber gangs are profit motivated entities, so it is believed that if ransomware attacks are disrupted enough and the possibility of a successful extortion becomes more difficult, the gangs will lose motivation to continue committing these forms of attacks.
Via The Register
More from TechRadar Pro
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.
He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.
Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.