Ransomware profits are up, expect many new variants and exponential growth
If you’re not aware of ransomware by now then you’ve been hiding under a rock, and if you’ve been affected by it then you’re likely out of pocket.
Back in 2012 the ransomware business was just getting started and victims would be out of pocket to the tune of $100 — $200!
However, ransomware has proven to be such a successful business model for criminals that the price has gone up significantly.
The “sales” conversion rate is certainly phenomenal and as consumers we all know that “limited time” offers compel us to buy and so buy we do.
The longer the victim hesitates the more it costs them to recover the PC, and it isn’t cheap — in Maktub Locker’s case the price starts above $500.
As you can see from the ransomware Maktub Locker — Extortion Price Plan, the cost of recovering a PC has increased considerably since 2012.
Research at PatrolX indicates that not only will it continue but it will continue in a way that’s about to seriously hurt a very large number of small to mid-sized organizations.
And it’s going to cost them a lot, the price will be much higher for them.
Small to mid-sized organizations and non-profits do not have the level of protection that large enterprises do, but they do have an increased ability to pay a higher ransom over and above normal PC users — which makes them ripe for targeting.
What can you expect?
- Targeted markets — criminals will begin laser targeting and start charging much more for specific types of business, professionals such as lawyers, doctors, accountants, dentists etc. will become prime targets
- Professionals — expect to pay $5k+ for unlocking
- Small to Mid-Sized organizations — expect to pay $25k+ for unlocking
What’s the likely impact for affected businesses in the next six months?
- Departments and entire organizations grinding to a halt
- Significant loss of sensitive information
- Destruction of proprietary information and intellectual property
- Significant financial loss in restoring operations
- Serious damage to reputation and loss of customers
What can you do to prevent it?
- Have a backup and recovery plan in place and perform regular backups
- Always keep operating systems and applications up to date
- Develop an application whitelisting plan, and deploy it
- Ensure all systems have anti-malware, updated hourly
- Prevent users from installing software via email and downloads
- Disable macros that are run outside of a defined safe zone
- Educate users on all of the above and enforce it through HR policy
- Specifically educate users on social engineering and phishing
Ransomware is a serious threat to business, and individuals. Be prepared!
Adam Sculthorpe, Co-Founder of PatrolX