Carbon Black has recently issued the Ransomware report showing the frightening figures: growth rate > 2,500% per year (from 2016 to 2017).

 

Key findings (USD prices):

• Ransomware is sold on 6300+ marketplaces with 45,000 product listings
• Prices for do-it-yourself kits range from $0.50 to $3,000 (Median price ~$10.50)
• Profits from selling ransomware on the Dark Net have grown from an estimated $249,000 in 2016 to g $6,230,000
• Ransom payments:  $24M in 2015 grew to $1B in 2016 according to FBI reports and that trend is likely to continue through this year
• Some sellers of ransomware are making more than $100K per year (compared to $69K for a legitimate software developer according to figures from PayScale.com)

 

 

Should you pay?

Reasons against paying the ransom:

• There’s no guarantee you will get the decryption key
• Paying a ransom only incentivizes future ransomware campaigns

 

Be prepared:

• Patch management and exposure mitigation strategies for critical resource
• Backup and restoration plans for critical data
• Acquire: IDS (Intrusion detection system), AV (Antivirus), FW (Firewall)

(Source: https://www.carbonblack.com/wp-content/uploads/2017/10/Carbon-Black-Ransomware-Economy-Report-101117.pdf ; image source:anewdomain)