Whatever fate awaits the world economy as a whole, one element predicted to keep on booming is ransomware. After all, it is already a $1bn a year industry. Its technology is becoming increasingly sophisticated and the attackers less scrupulous, leading to its targets becoming bigger and more lucrative – businesses and organisations, rather than individuals.
Whereas ransomware bandits used to be content with encrypting the data of single users and charging them a nominal fee for releasing it, they are now threatening to broadcast a company’s entire vault of confidential information to all and sundry. They are also offering victims the rather sinister option of infecting other users’ systems as an alternative to paying a ransom. One single careless click can unleash a full-on ransomware blitz.
Organisations are starting to draw up contingency plans – though generally this seems to involve setting aside a cash reserve for paying off attackers. Security experts and companies working in the field (including CFC) generally advise against making a payment as it may only serve to make targeted companies an even more likely victim in the future – though of course this needs to be evaluated on a case by case basis.