Over the last few years, technologies and infrastructure, in the form of crypto-currencies, the dark web and well-organized criminal affiliate programs have aligned to create the perfect storm. And from that storm, the crypto-ransomware beast has arisen.
There’s a reason why crypto-ransomware is making the news almost daily – it’s unique compared to every other threat we’ve seen in the last few years in that it offers a tangible service to the victim – pay the ransom and you get your files back. And, as we’ve seen in an increasing number of high-profile cases, this is exactly what people are doing. There’s no need to remind you of a recent case where a hospital shelled out a considerable sum of Bitcoin to recover their infrastructure. It has been estimated that the crypto-ransomware industry makes as much as 100,000,000 EUR per year.
Crypto-ransomware continues be a lucrative money-making vehicle for criminals, and it’s possible it will continue displace alternative malware models such as banking trojans as time goes on. As with all business, focus must invariably shift into models that optimize and improve return on investment. We liken the business models of today’s ransomware campaigns to those of the early Internet era – still very simple in nature and largely unfocused. The bottom line is there’s still a great deal of room for creativity and innovation. The business models behind crypto-ransomware are slowly maturing and recently we’ve started to notice some attempts at innovation.