16 October 2017

Ransomware economy heats up

Carbon Blacks Threat Analyst Unit (TAU) has launched an investigation into the Dark Web and found a 2,502% increase in the sale of ransomware from 2016 to 2017. According to The Ransomware Economy report, 2017 is shaping up to be the most notorious year on record for ransomware, says the security firm.

It is all about supply and demand, Carbon Black said, with cybercriminals seeing that they can make money easily through ransomware. "Unlike many other forms of cyberattacks, ransomware can be quickly and brainlessly deployed with a high probability of profit. As our research found, these Dark Web economies are empowering even the most novice criminals to launch ransomware attacks via do-it-yourself (DIY) kits and providing successful ransomware authors with annual incomes into six figures," stated the company in an executive summary to the report.

According to the research:

- There are currently 6,300+ estimated Dark Web marketplaces selling ransomware, with 45,000 product listings. Prices for do-it-yourself (DIY) kits range from US$0.50 to US$3,000. The median price is just US$10.50.

-  The ransomware marketplace on the Dark Web has grown in value from US$249,287.05 to US$6,237,248.90, from 2016 to 2017 year-to-date, a growth rate of 2,502%. This economy extorts, according to the FBI, ransom payments that totalled about US$1 billion in 2016, up from US$24 million in 2015, according to the Symantec Internet Security Threat Report (volume 22) released in April 2017.

- Some sellers of ransomware are making more than US$100,000 per year simply retailing ransomware. In contrast, a legitimate software developer earns US$69,000 on average according to figures from PayScale.com. In Singapore, the average is S$49,014 per year. 

- The most notable innovations contributing to the proliferation and success of the Dark Web ransomware economy have been the emergence of Bitcoin for ransom payment, and the use of the anonymity network Tor to mask illicit activities.

- Ransomware sellers are increasingly specialising in one specific area of the supply chain, further contributing to ransomware’s boom and economy development.

Source: Carbon Black. Ransomware sales have gone through the roof this year.
Source: Carbon Black. Ransomware sales have gone through the roof this year.

Read The Ransomware Economy report (PDF)