Some forms of cyber extortion are automated and not targeted at any specific victim. For example, “ransomware” refers to a type of malware that prevents users from accessing their systems unless, and until, a ransom is paid. Although variants of ransomware operate differently many encrypt the contents of a victim’s hard drive using asymmetric encryption in which the decryption key is stored on the attacker’s server and is available only after payment of the ransom. Victims typically discover the ransomware when they receive an on-screen message instructing them to transfer funds using an electronic currency, such as bitcoin, in order to receive the decryption key and access to their files. “CryptoLocker” is the most famous ransomware family and first appeared in 2013.
The real cost of ransomware is downtime and lost productivity due to lack of access to systems for customers and employees. Damage to brand or reputation that occurs as a result of the downtime can also be substantial.
In November 2016, the FTC issued guidance for businesses on how to avoid and respond to ransomware attacks in its How to defend against ransomware1 and Ransomware – A closer look.2
The following provides a snapshot of information concerning ransomware:
The number of entities that reported being victimized by ransomware in 2016.3
The average ransom amount associated with ransomware.4
1 in 5
Businesses that paid the ransom never got their data back.5
Every 40 seconds
A company is hit with ransomware.6
$5,000 - $20,000
Typical range per day of lost business and damages due to ransomware downtime.7
What to think about if your organization is impacted by ransomware:
1. FTC, How to defend against ransomware (November 10, 2015), https://www.consumer.ftc.gov/blog/how-defend-against-ransomware?utm_source=govdelivery.
2. FTC, Ransomware – A closer look, (November 10, 2015), https://www.ftc.gov/news-events/blogs/business-blog/2016/11/ransomware-closer-look?utm_source=govdelivery.
3. FBI, 2016 Internet Crime Report, at 10, IC3.gov (last viewed Nov. 11, 2017).
4. Symantec, 2017 Internet Security Threat Report (Apr. 2017), at 59.
5. Kaspersky Security Network, Security Bulletin 2016, https://securelist.com/kaspersky-security-bulletin-2016-story of-the-year/76757/ (last viewed Nov. 14, 2017).
7. Imperva, Ransomware Rising: Thoughts from 170 Cyber Security Pros (Feb. 13, 2017).