Ransomware has been on the rise since 2020. A new report attributes this to a combination of factors that allow cybercriminals to easily compromise corporate networks, and to the large number of organizations willing to pay a ransom.
The Royal United Services Institute (RUSI), a defense think tank, and cybersecurity company BAE Systems warn that the “perfect storm” of ransomware attacks is raging because security at the organizational level is insufficient and because ransomware attackers get what they are after – money.
The boom in remote working has helped cybercriminals compromise improperly secured networks for ransomware attacks. Cybercriminals have been taking advantage of the inadequate security of remote employees.
It is easy for cybercriminals to find and distribute ransomware. And the frequency of ransomware payouts means that the whole affair is profitable for them.
The number of ransomware victims paying ransoms encourages cybercriminals to pursue this line of attack. It also normalizes the act of giving in to the ransom demand, the report suggests.
“The more organizations that pay a ransom, the more acceptable the notion of paying a ransom to solve the problem becomes,” the paper warns.
The rise of ransomware-as-a-service has made it relatively simple for even low-skilled cybercriminals to get a piece of the ransomware pie. Ransomware operators advertise their offers on the dark web and underground forums. In some schemes, would-be attackers pay a fee or buy a subscription for pre-packaged ransomware, which often comes with support. If the attack is successful, the authors of the ransomware get a commission.
“Recent evidence suggesting that ransomware operators are on active recruitment drives for new talent are a concerning sign that the scale of the threat is still increasing,” says the research.
Ransomware groups often engage in what is called the “double extortion” technique – threatening to leak stolen data if the ransom isn’t paid.
The report concludes that ransomware attacks will only stop if ransomware as a business becomes unprofitable. That will happen only when organizations become secure enough not to fall victim to attacks in the first place.
Or when human nature changes and everyone’s making their living honestly – our own conclusion.