Corporate IT teams have been under a great deal of pressure since a spate of massive data breaches exposed numerous weaknesses in the average security program. As teams worked overtime throughout 2016 to shore up the gaps, one type of malware flourished at an incredible pace.
As recent cybersecurity infographics and my company’s Annual Threat Report have revealed, ransomware is on the rise. We saw that attacks grew 167 times over, from 4 million in 2015 to 638 million in 2016. Victims typically download ransomware by opening an infected email attachment or clicking a compromised pop-up, triggering malicious code. From there, a sequence of events unfolds that locks down the victim’s device and displays a message listing demands that must be met in order to regain access.
Most commonly, victims are asked to transfer a sum of bitcoin to the cyber attacker’s anonymous bitcoin address. However, if the victim has admin rights on their company’s network, it’s possible that the ransomware can spread far beyond the infected device, locking down the company’s website and back-end systems and halting normal business operations until the ransom is met or the malware eradicated. In the first quarter of 2016, companies paid an estimated $209 million in ransom, and the number of attacks grew from 30 million to over 260 million by the fourth quarter.
We saw that this surge in ransomware was driven by one trend in particular: the rise of ransomware-as-a-service (RaaS), which lowered the barrier to entry and put ransomware in the hands of a wider swathe of cybercriminals.
RaaS Brings Cybercrime To The People
RaaS is designed to make cybercrime accessible to anyone, no matter how limited their programming mastery. Advanced cybercriminals author the malicious code, then make it available for others to download and use. The authors may provide the ransomware for free or charge a small fee up front, often opting to take a cut of each ransom. This incentivizes a higher volume of attacks and higher ransom requests.
Ransomware is not only cheap to purchase and download; it’s also easy to spread. In comparison to other types of popular attacks, you don’t need to be tech-savvy or have expensive equipment, which means more and more cybercriminals are turning to this type of misconduct. It also produces a quicker payout than stealing credit card data or personal information. Perhaps most importantly, there is a lower risk of being caught due to the anonymity of Bitcoin.