According to the 2018 Data Breach Investigations Report, in 2017 there were 53,308 cybersecurity incidents worldwide with more than 2,200 data breaches. As a percentage of all malware incidents, ransomware incidents have risen dramatically since 2013. More than 40% of malware incidents involved ransomware in 2017. Ransomware is a type of malicious software that prevents a user from accessing their computer or mobile device, either by disabling the operating system or encrypting files, until a ransom is paid. The ransom usually totals a few hundred dollars per infected computer. Ransomware can infect servers as well as individual devices. People clicking on an infected email attachment, visiting infected websites or clicking on ads that contain malware are some ways that computers can get infected. Ransomware targets vulnerabilities in software. Updates to software attempt to remove these vulnerabilities so that cybercriminals can’t exploit them.
According to the FBI, ransomware infects more than 100,000 computers worldwide per day and payments to cybercriminals total nearly $1 billion per year. However, the cost of a ransomware attack goes beyond the payment to the attacker. Even after paying the ransom about 20% of companies do not get their data back. The costs associated with business downtime, recovery of files and increased spending on cybersecurity are many times greater. According to Kaspersky Lab, in 2016 the average ransom demand was $300, but the average cost to a small to medium-sized company due to a ransomware attack was $99,000. Globally, the cost of cybercrime is expected to reach $6 trillion by 2021, up from $3 trillion in 2015. Today’s market size shows the minimum amount of ransom paid to cybercriminals in Bitcoin from 2013 to mid-2017 based on analysis of 35 ransomware families. As of May 2018, there were more than 500 known families of ransomware that demand Bitcoin as payment.
Geographic reference: World
Year: 2013 to mid-2017
Market size: $12.8 million
Sources: Alex Lielacher, “Size of Bitcoin Ransomware Market ‘Overhyped’ in the Media,” Brave NewCoin, April 23, 2018 available online here; “Deputy Attorney General Rod J. Rosenstein Delivers Remarks at the Cambridge Cyber Summit,” The United States Department of Justice, October 4, 2017, updated October 6, 2017 available online here; Masara Paquet-Clouston, et. al., Ransomware Payments in the Bitcoin Ecosystem, May 2018 available online here; 2018 Data Breach Investigations Report, 11th Edition, Verizon, April 2018 available online here; “The Cost of Cryptomalware: SMBs at Gunpoint,” Kaspersky Lab Daily, September 7, 2016 avalable online here; Tamara Chuang, “Inside the Profitable Underworld of Ransomware,” Government Technology, March 5, 2018 available online here.
Image source: TheDigitalArtist, “ransomware-cyber-crime-malware-2320941,” Pixabay, May 18, 2017 available online here.