Currently, ransomware is the most prominent cyber threat to businesses and individuals. Ransomware attacks are growing more prevalent as cybercriminals find new ways to profit from them. According to CyberEdge’s 2021 Cyberthreat Defense Report, 62% of organizations were victimized by ransomware in 2019—up from 56% in 2018 and 55% in 2017. This rise is arguably fueled by the dramatic increase in ransomware payments. More than half (58%) of ransomware victims paid a ransom last year, which is up from 45% in 2018 and 39% in 2017.

There are three key factors that make ransomware more profitable for attackers: cryptocurrencies, Ransomware as a Service (RaaS), and geopolitical safe-havens.

Cryptocurrencies provide a safe mechanism for threat actors to be paid while reducing the likelihood of authorities being able to track the money. All contemporary ransomware will ask the victim to send the ransom money to a cryptocurrency wallet address. Ransomware as a Service permits sophisticated ransomware gangs to sell their harmful services to anyone who wants to participate in this criminal enterprise. RaaS providers charge a percentage of the profit generated by the purchaser of the service. The malevolent organization “REvil” promoted RaaS by carrying out multiple ransomware attacks as well as supporting and giving tools to individuals interested in using its service.

Geopolitical safe havens allow governments to turn a blind eye to their citizens’ cybercrime activities as long as the cybercriminal isn’t targeting domestic companies or persons. Russia and China are the most notable countries in the geopolitical cybercriminal sector since they are notorious for not pursuing recognized cybercriminals for cyberattacks that they commit or assist in on a global scale.

Since the first incidence of ransomware in 1989, which is known as the “AIDS Trojan,” the threat of ransomware has evolved, aided by technological advancements (Read more...)