Assessing Emerging Trends in Ransomware Cybercrime

While ransomware is not a novel form of cybercrime, the rapid uptick in frequency and severity of attacks is a trend business owner should be aware of — and alarmed by. Statistics indicate that ransomware attacks have increased over 150% through the previous year, with an estimated 300% increase in the amount paid by victims. All signs point to ransomware continuing to grow as an industry, because, thanks to unprecedented availability and actual cybercrime service offerings, that’s exactly what it has become.

Just five years ago, obtaining ransomware would have required access to and the ability to navigate the dark web. It now takes approximately 45 minutes using Google’s search engine and keyword searching to find ransomware options of varying quality for purchase. The result? Anyone with a reasonable familiarity with the internet can now find ransomware and use it to target businesses.


Ransomware as a Service Explained

Welcome to the world of RaaS – Ransomware as a Service. The Colonial Pipeline attack is one example of the devastating effects of RaaS, which has spread rapidly as a service model due to easy access and affordability. Basic ransomware applications can be purchased for as little as $45, while a robust, subscription-based ransomware application can cost upwards of $1,200 a year, complete with options for monthly financing. Prices increase depending on the sophistication of the ransomware application, but even low-cost ransomware may be enough to threaten business owners.

There’s a certain irony in that it often costs cybercriminals less money to launch a ransomware attack than it costs businesses to effectively guard their infrastructure from attack. Unfortunately, managers who choose to delay the investment in sound protection are increasingly facing the even greater cost of responding to a ransomware incident.

How RaaS Works

This model gives cyber criminals access to ransomware for a flat monthly fee, one-time license fee, profit-sharing model, or affiliate program. The ransomware is created by one cybercriminal or group and is then offered to any number of individuals. Cybercriminals can then charge businesses a ransom to restore their critical files and functionality.


The Rise of Ransomware Attacks

The RaaS model encourages software developers to fine-tune ransomware. It also opens the door to criminals who aren’t tech-savvy. You only need a computer and a standard internet connection to purchase and send ransomware. And while basic RaaS software usually can’t penetrate secure networks, many developers are now offering more sophisticated, effective attacks for criminals to purchase.

Increased Frequency in Recent Years

The number of attacks has increased more than 150% through the previous year. In March 2020, over 677 million malware programs were identified, according to Statista. To put this into perspective roughly 4,000 attacks have occurred daily in the U.S. since 2016.

Higher Average Ransoms Demanded Per Attack

The ransom amount has also seen an average increase of about 300% in the same time. According to the National Security Institute, the average ransom fee requested in 2020 was approximately $200,000, compared to $5,000 in 2018.

Increased Use of Cryptocurrencies

Recent growth in cryptocurrency use has also encouraged the RaaS model. Cryptocurrencies are untraceable, making it difficult for government authorities to track down a cybercriminal after the ransom has been paid. Untraceable currencies embolden criminals to ask for large amounts of ransom without worrying about being caught.

Migration of Millions to Remote Work

While there were already a significant number of remote workers before the pandemic, the health crisis accelerated the shift to remote work for millions of Americans — and created greater vulnerability to cyberattack.

When IT employees and other workers access sensitive files from an office computer, the system-wide firewalls and other network security features kick in to protect these files from being accessed or compromised. But the remote work model has employees working from a wide range of networks that rarely have the same level of security. The result has been inadvertent exposures of sensitive files and systems to malicious actors.

Growth of the Industrial Internet of Things

The industrial internet of things, or IIoT, allows all of your equipment and departments to communicate simultaneously. An increasingly connected facility may be more efficient in daily operations, but it can also be a security liability.

A single compromised network connection can now open the door to a system-wide ransomware attack. The IIoT allows a cyberattack to not only encrypt your office information but cause your entire facility to grind to a halt.


Cybersecurity in the Modern World

In a world where anyone with minimal internet and software experience can find, purchase, and implement ransomware attacks within a day, the need to safeguard your business against the cybercrime industry is greater than it ever has been. Contact us at ICA Engineering to learn more about integrating cybersecurity into your operations.


Image Credits: @Creative Commons

Welcome to the ICA Blog


    Recent Blog Articles

    An IIoT adoption strategy changes how every company works. ICA Engineering will ...


    ICA Engineering gives its clients the wireless tools to modernize their operatio...


    IIoT systems unify today's technologies into an industrial automation architectu...