Cyber Extortionists See Profits Increase as Victims Keep Paying

According to a report published by cyber security firm Symantec, hackers have been increasing the ransom victims need to pay in order to free their computers that have been paralyzed by their malware. The goal is to maximize profit and, reportedly, it’s working as victims often pay up.

Victims keep paying extortionists

The report states that the average ransomware demand was of roughly $294 back in 2016, a number that nearly tripled to $1,077 this year and that is still increasing. Ransomware extortionists are essentially trying to figure out how far they can go and still get paid.

A whopping 69% of ransomware attacks hit consumer computers last year, leaving 31 percent of infections to businesses and other organizations, according to the report. Alarmingly, 34% of consumer victims all over the world paid to regain access to their data. As if that wasn’t enough, in the United States, a country targeted by nearly a third of detected ransomware infections, 64% paid.

Kevin Haley, Symantec Director of Security Response, told Reuters:

“If six out of ten people will pay your ransom when it’s three hundred bucks, you’re thinking What if I raise it to four hundred? What if I raise to five hundred?”

As The Merkle previously pointed out, according to Kaspersky Labs one business was hit with a ransomware attack every 40 seconds, and an individual every 10 seconds last year. The surge in attacks has been fueled by the sale of ransomware kits, that go for anywhere between $10 and $1,800 on dark web markets. This type of service, known as RaaS (Ransomware as a Service) makes it easier for less tech-savvy criminals to extort using ransomware.

One kit formerly known as Shark, for example, allows users to customize their demands, while keeping 20% of the ransom payments. Uniquely, this service has recently rebranded from Shark to Atom, and is publicly accessible, even to users that don’t use TOR.

According to cybersecurity firm Barkly, email is the number one delivery vehicle for ransomware, as booby-trapped attachments can easily infect a whole network once one employee opens them.

Targeting critical service providers

Even though most attacks are on individuals, Reuters points out that some ransomware attacks last year have targeted critical service providers such as hospitals and police departments in Europe and the United States, as these are likelier to pay due to the nature of the data being locked away.

One example of such an attack would be when hackers used Locky, a well-known ransomware strain, to infect computers at Hollywood Presbyterian Medical Center, forcing officials to pay the equivalent of $17,000 in bitcoin in order to regain access to their computers after they were offline for over a week.

Late last year, an attack on the San Francisco Municipal Transportation Agency (SFMTA) using HDDCryptor took over 2,000 computers, and forced the agency to open the gates and allow passengers to ride for free.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.