While cryptocurrency brings about a lot of positive changes for our world, it has its bad actors like anything else. Ransomware has been growing in popularity over the last few years, with hospitals, schools, governments, and everyone in between being hit by various ransoms. In the past, these required paying off the ransoms through things like gift cards, but with the growing popularity of cryptocurrencies, they have been the target as of late.
Why Crypto Has Increased in Ransom Popularity
Cryptocurrencies are pseudonymous, or completely anonymous, depending on which one you’re looking at. Bitcoin, for example, can be used anonymously, though most people will leave traces behind when transferring their coins, giving off their identities. Others, such as Dash or Monero, focus more on anonymity and have created new systems to help anonymize transactions. In all of these cases, the end result is the same: when used with security principles in mind, it’s entirely possible to leave no traces behind. And for those who are looking to do things like steal and send out ransoms, this anonymity makes the perfect wall of protection.
Along with the anonymity aspect, cryptocurrency transactions are instant and can not be reversed, so once someone has paid, the person or group making the request knows for a fact that they now have the funds in their hands – there’s no going back after or reporting payments as being fraudulent, as everything is decentralized.
An Increase of 89% in Amounts Required
Coveware has reported some eye-opening statistics regarding ransomware in Q1 2019. Bitcoin remains the top cryptocurrency the ransoms are asking for, with a very small portion (around 2%) being Dash. In terms of the actual ransom amounts, an increase of 89% has been experienced (going from $6,733 in Q4 2018 to $12,762 in Q1 2019). It’s also been estimated that the average cost for businesses hit is around $64,645, a pretty big multiple of the ransoms themselves. As for the breakdown of getting data back after paying off a ransom, that’s where it starts to get a bit more gloomy (as if that’s possible):
- There was a 96% success rate of getting decryption tools after paying off a ransom
- There was an average of 93% of data recovered
It’s stated that the type of ransomware plays a big role in how much data can be recovered. For example, Ryuk is at around 80%, while GandCrab is close to 100%.
As for how this ransomware is distributed, there are three major attack vectors: software vulnerability (6.1%), email phishing (30.4%), and remote desktop protocol (63.5%).
What to Expect Going Forward
Based on the past and the growing popularity of cryptocurrencies, plus a lot of progress in making Bitcoin more anonymous, security is growing increasingly more important. Being careful what you click and download is, by far, the best way to protect yourself, but keeping an eye out for things that just seem questionable is another important thing. And if there’s one good takeaway from the ransomware situation, it’s that cryptocurrencies are, despite the bad nature of this, growing in both usage and necessity.