The Future of Ransomware Payments
by Vertek Labs
As cryptocurrency evolves, it’s safe to assume that ransomware will develop similarly. Cybercriminals have already started to demand payment in the form of crypto or NFTs, which can cause problems for investigators in general.
It’s essential to note that making a ransomware payment is not illegal, which can cause problems for investigators and raise eyebrows. Victims who pay ransom groups fund more attacks and contribute to more criminal activity. Additionally, paying puts a target on your back, and because you are dealing with criminals, you have no guarantee that the ransom group will honor its word. Once you pay, other ransom groups will know that you’re someone who pays quickly, making you vulnerable to future attacks. Overall, paying ransom groups creates a vicious cycle that only leads to more victims, and when it comes to crypto and NFTs, payment causes even more problems: paying with crypto and NFTs makes it harder for investigators to track ransomware payments. Ransom groups typically demand anonymous online payment, and crypto makes payment methods even more accessible for attackers and harder for victims.
So, what are the forms of crypto and NFTs that we see being used by ransom groups? Bitcoin is currently the most widely used form of crypto by ransom groups, but we also see a rise in Monero. Monero is a cryptocurrency that utilizes blockchain with privacy-enhancing technology, which makes Monero addresses that much harder to decipher. Ransom groups have always been cautious to ensure authorities can’t track them, and crypto makes that much easier for them. Cryptocurrency, though, isn’t the only payment arrangement ransom groups may use.
Some other payment methods that are becoming increasingly popular are:
- Installment plans: Installment plans are what they sound like. You would pay the ransom group in multiple installments until the fee is paid.
- A La Carte Pricing: This is where you pay for different “services.” For example, you would pay a certain amount if you want your data decrypted. And if you wanted them to erase the data from their side of things, you would pay another fee.
- Partial Sharing of File Listings: In this case, ransom groups will share only a partial list of the data they have taken, or may not tell you at all.
- Paying for File Listings: A ransom group makes you pay for the file that lists all the data they have taken.
We will see ransomware payments continue to evolve as technology continues to evolve. The best way to be proactive in your protection is to focus on preventive methods. One is to have multiple security measures for your business’s network, which will significantly improve your security and offer a multi-layered defense. Another is to stay on top of regularly updating your systems, which helps patch and minimize vulnerabilities. Finally, ensure your employees are up to date on proper cybersecurity measures, urging them to avoid clicking suspicious links and emails. An excellent preventive solution is Vertek’s ransomMDR solution. ransomMDR is the ultimate solution to prevent and protect from ransomware and recover in the case of an attack. The preventive stage focuses on pre-execution, exploitation, behavior, and then, if needed, recovery and resilience. If you’re interested in learning more, contact Vertek today!