Ransomware Payments to Hit a Record $2 Billion in 2017: Research

According to new research from a cybersecurity firm, ransomware payments will hit a high of $2 billion in 2017.

2017 will officially become the most expensive year ever for ransomware victims, doubling the $1 billion paid by victims in 2015. The upward trend paints a damning picture of the damage caused what is among the most effective cyberattacks in the present day, climbing from a relatively mere $24 million in 2015, according to data from cybersecurity firm Bitdefender.

“We monitored the amount of ransomware we see this year,” Bitdefender senior threat analyst Bogdan Botezatu explained. “We took into account about a ten percent conversion rate. If ten percent of people convert from ransom to paid, these hackers should be making about $2 billion.”

Further, the problem is exacerbated by the total cost of damages caused by cyberattacks – in excess of $5 billion this year. For instance, the NotPetya ransomware attack has caused a whopping $310 million in damages to pharma giant Merck, $300 million for logistics giant FedEx and $200 million for Maersk, the world’s largest shipping operator.

The average ransomware demand now stands at $1,000, a 266 percent rise from 2016.More victims are paying up and privately, more businesses are paying five-figure ransoms. Research also revealed that only 47% of victims paying ransoms recover their files.

Some ransomware strains have begun targeting the GPU, instead of the CPU, to encrypt and cripple a computer, research has revealed. In essence, this would mean an attack will trigger and take over hundreds of times faster than previously seen, making it significantly harder for antimalware software to detect and stop them from spreading. GPUs are designed to handle bigger tasks like encryption better than CPUs. Some strains of malware have also been known to offload tasks to GPUs to use new APIs that do not trigger security software.

Speaking to CyberScoop, Botezatu said:

Usually encrypting 20 gigabytes of files takes a lot of time. Between the moment encryption starts and finishes, the user can see the tell-tale signs like files not being available. Those victims can shut down the computer and restart in recovery mode to prevent the ransomware from going further. If the attackers expedite the infection, users wouldn’t be able to save anything. They will have to pay up.

Image credit: Wikimedia.