Ransomware scams have been around for decades, but they are becoming more detrimental to organizations of all shapes and sizes. To ensure you can protect yourself, we’d like to give you an overview of how ransomware scams work and why they are so profitable. We will also share some examples and recommendations for how you can avoid falling victim to ransomware scams.
How a Ransomware Scam Works
Ransomware is malicious software that encrypts or prevents you from accessing your files, endpoints, or networks. In a ransomware scam, cybercriminals contact you to demand that you pay them in order to remove the encryption or regain access to your files. In some scams, the cyberattackers may withhold the data they have stolen or threaten to auction it off on the dark web.
Why Are Ransomware Scams Profitable for Cybercriminals?
Ransomware scams are profitable for cybercriminals because they are becoming more sophisticated and publicized, causing more victims to payout. In terms of sophistication, hackers can spend days, weeks, or even months in an organization’s computer system undetected. The time the hackers spend inside your network gives them the ability to cherry-pick your most valuable data. After they figure out what would hurt your business the most, they proceed to encrypt and exploit your data by threatening to leak or sell this sensitive information.
As large ransomware attacks get more attention and have more severe consequences for the victims, companies may often give in to ransomware demands. Recent research that surveyed global IT professionals found that of the organizations reporting a ransomware attack, 27% of victims chose to pay the requested ransom amount. In other words, when a company is hit and pays the ransom, the attack is widely publicized. This generates a buzz around the hackers’ success.
Examples of Profitable Ransomware Scams
The healthcare industry is one of the largest targets for ransomware attacks. Sensitive patient information can be extremely profitable on the dark web because criminals can use it to commit identity theft. Ransomware attacks on healthcare providers can also cause life-threatening consequences. A recent ransomware attack on the Marietta Hospital in Ohio caused the provider to cancel surgeries and divert ambulances after they fell prey to a ransomware attack.
When Colonial Pipeline was victimized by a ransomware attack in May 2021, its operations came to an abrupt halt. Therefore, they decided to pay close to $5 million in Bitcoin to the hackers. Another highly publicized ransomware attack was held against JBS, a meat processing company that was forced to temporarily close some of its facilities. As a result of the attack, they paid an $11 million ransom demand to the cybercriminals.
While ransomware scams are becoming more sophisticated and publicized, you can avoid being a victim. If you are not sure how well your files, endpoints, and network are protected, you can start by working with an MSP (managed services provider) to schedule a free ransomware evaluation. If you would like more long-term protection, you should also look into a disaster backup and recovery solution that provides around-the-clock support and includes ransomware protection.