Ransomware has become a major source of income for cybercriminals, with public and private organizations in the crosshairs.
Many companies have found it easier to bite the bullet, pay the ransom, and resume operations rather than attempt recovery on their own or risk double extortion, in which attackers who have also stolen data threaten to leak it.
However, cybersecurity company Emsisoft argues that the cost of ransomware has risen too high and that the answer is an outright ban on ransom payments.
Drying up the digital gold mine
In a blog post, the firm notes that in 2023 the average ransomware payment reached $1.5 million, roughly 29,900% more than in 2018, when the average payment was around $5,000. This rapid growth in the capital available to cybercriminals has funded a corresponding expansion of the tooling and techniques available to cyber gangs, to the point where access to compromised organizations is now bought and sold as a commodity.
Emsisoft also questions what drove such a rapid rise in ransom demands, asking whether cyber insurance, particularly policies that cover ransom payments, may have fuelled an unprecedented increase in both the number of attacks and the revenue flowing to cyber gangs.
There is also the human cost to consider: an estimated one person dies as a result of ransomware every month in the United States, most likely because of the disruption an attack causes to hospital schedules, patient records, and service availability.
Last year, the International Counter Ransomware Initiative, a group of 50 countries seeking to curb ransomware, committed its member governments to a policy of not paying ransoms. However, this pledge does not cover private companies, which remain a major source of income for cyber gangs.
One of Emsisoft’s threat analysts, Brett Callow, said in the blog post that “current anti-ransomware strategies amount to little more than building obstacles and playing whack-a-mole. The reality is that we are not going to defend our way out of this situation, and we are not going to police our way out of it either.
“As long as ransomware payments remain legal, cybercriminals will do whatever it takes to collect them. The only solution is to financially disincentivize attacks by completely prohibiting the payment of demands. At this point, a ban is the only approach that is likely to work.”
The blog post acknowledges that a ban would not stop every ransom from being paid, as that would be unrealistic; some companies would circumvent the ban and pay anyway. The main goal of a ban would be to disrupt the flow of capital so that ransomware is no longer a viable source of income. Emsisoft believes cyber gangs would then shift to forms of cybercrime that are less disruptive to companies and organizations.
Cyber gangs are profit-motivated, so the argument is that if ransom payments are disrupted for long enough and successful extortion becomes harder, gangs will lose the incentive to keep carrying out these attacks.