Carbon Black has recently issued the Ransomware report showing the frightening figures: growth rate > 2,500% per year (from 2016 to 2017).
Key findings (USD prices):
- Ransomware is sold on 6300+ marketplaces with 45,000 product listings
- Prices for do-it-yourself kits range from $0.50 to $3,000 (Median price ~$10.50)
- Profits from selling ransomware on the Dark Net have grown from an estimated $249,000 in 2016 to g $6,230,000
- Ransom payments: $24M in 2015 grew to $1B in 2016 according to FBI reports and that trend is likely to continue through this year
- Some sellers of ransomware are making more than $100K per year (compared to $69K for a legitimate software developer according to figures from PayScale.com)
Should you pay?
Reasons against paying the ransom:
- There’s no guarantee you will get the decryption key
- Paying a ransom only incentivizes future ransomware campaigns
- Patch management and exposure mitigation strategies for critical resource
- Backup and restoration plans for critical data
- Acquire: IDS (Intrusion detection system), AV (Antivirus), FW (Firewall)