A panel discussion at the Federal Trade Commission Fall Technology Series in Washington DC extensively covered the ransomware problem, one of the biggest cybersecurity threats ever faced by organizations and consumers.
Over the last year, ransomware has grown to become a major threat to businesses. An increasing number of individuals are using crypto-ransomware to extort money out of companies. According to figures from the Justice Department, in the year to date there have been over 4,000 successful ransomware attacks reported. Attacks have increased four-fold in the space of just 12 months.
Lance James, Chief Scientist at Flashpoint, explained that while the number of infections is increasing, the returns are relatively low. Ransomware nets the attackers around $7,500 a month and up to $100,000 a year, while affiliates earn about $600 a month. While the returns are not massive, many of the attackers are based in Russia or Eastern Europe, where the cost of living is lower. The threat of being caught is low, and the returns are worth pursuing. The problem is unlikely to go away as long as ransomware remains profitable.
In the afternoon session, Will Bales, a Cyber Division Supervisory Special Agent at the FBI, spoke of the growing threat from ransomware. He also explained the correct course of action to take when a ransomware infection is discovered. Bales explained the importance of involving the Federal Bureau of Investigation and of ensuring that as much information as possible is shared with the FBI. In the event of an attack, the FBI should be notified immediately via the ic3.gov website.
As was explained, while an individual or company may be infected, these attacks do not happen in isolation and further attacks on other organizations and individuals will occur. The more information that can be provided to the FBI, the easier it will be to conduct investigations and bring the individuals responsible to justice. Bales explained that even a Bitcoin address can help the FBI with its investigations.
The sheer scale of the ransomware problem is staggering, but little appears to have been done to bring the individuals responsible to justice; however, Bales did indicate that progress is being made.
The FBI has been working on prosecuting individuals for extorting money with ransomware. No specific details were provided to attendees, but Bales did say that there has been some success, in large part due to collaboration with law enforcement agencies all around the world. In some cases, some of the infrastructure used by cybercriminals to spread ransomware has been taken down.
Bales also emphasized how important it is not to pay ransom demands. Paying a ransom only serves to encourage the use of ransomware. The more successful ransomware is, the more cybercriminals will use it to extort money from organizations and individuals.