Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.Ransomware attacks on the economy are growing increasingly.
Ransomware Economics
Ransomware is a product with negative value, where the victim can avoid costs by paying for the product. Since the product is destructive rather than constructive and relies on threatening the value built by others, it is parasitic and criminal – but still subject to economic principals.
Some attackers taking advantage of the ransomware phenomenon make “poor quality” products that destroy resources without offering the ability to recover them. Some attackers do not or cannot consistently provide the ability to recover the resources lost, even upon payment.
Current Threats
Current indications are that ransomware price demands are increasing, which likely means the market (such as it is) has not yet reached an equilibrium. When that occurs, some of the mitigating economic pressure on producers of poor quality ransomware will be removed. This appears to be bolstered by the fact that the number of ransomware attacks also continues to increase.
While ransomware has technically been around since the ’90s, it’s only taken off in the past five years or so, largely because of the availability of untraceable payment methods like Bitcoin.
Ransomware attacks are increasingly impacting businesses on a global scale. These attacks are continuing to accelerate because they are extremely lucrative for the attackers, according to Forrester.
Some examples of recent attacks are AXA Asia, FujiFilm, New York City’s transit system (M.T.A), and JBS (the world’s largest meatpacking company) are among the companies that recently joined SolarWinds and Colonial Pipeline as victims of ransomware attacks.
Some advice on best practices to threat attacks:
- Secure your privileged accounts immediately and require multifactor.
- Ensure that you have endpoint protection deployed to all of your computers and servers.
- Security hygiene is key to helping prevent and ultimately contain ransomware.
- Robust backup and data storage strategy should be priority.
SUMMARY
The problems caused so far by ransomware only hint dimly at the paradigm’s future destructive potential. We need to apply foresight – paying heed to early warnings that are signs of possible, if not likely, things to come. Those steps must be taken soon, however, as applying simple economics shows that it’s only a matter of time before the problem gets worse.