As businesses and trade groups lobby for legislation that would require businesses to report cyberattacks, Jack Cable, a former US cybersecurity and Infrastructure Security Agency worker has started a ransomware payment tracking site called ransomwhe.re.
The free database allows victims of ransomware to anonymously self-report payments made to hackers. Information is verified by uploading a screenshot of the ransom note and payment.
See Related: Check This Resource Out Before Paying a Ransom Or Restoring Data
According to the site, as of August 2021, ransom payments have reached an all-time payout of about $38,815.83 in bitcoin or over $97 million in USD. Some reports have placed total ransomware revenue in 2020 at up to $350 million.
The Top Ransomware Payment Operators
Here’s the list of top ransomware-as-a-service operators with the most dough:
Netwalker (Mailto) leads the list with a whopping $27 million in payments. Experts say it’s the fastest growing ransomware. Criminals who employ this tactic establish a foothold in the through phising emails, followed by exfiltrating and encrypting sensitive data to hold hostage for a large ransom. They will then leak a sample of the stolen data, claiming if the victim does not pay on time, they will release the rest online.
Criminals behind the Locky ransomware have collected at least $14 million in ransom payments. The malware, released in 2016, is delivered by email with a Microsoft Word attachment that contains malicious macros. When a user opens the document, it appears in gibberish and a pop to “enable macro if data encoding is incorrect,” will appear. Files on the users’ computer are encrypted, rending them as unusable, and then held hostage until a ransom is paid.
About $12.7 million in ransom payments has gone to Conti. The hackers behind this type of ransomware attack tend to go for global healthcare systems, government, private organizations, and critical infrastructure agencies. In June, the FBI sent out an alert noting the prevalence of these attacks on law enforcement agencies and emergency medical services.
Ransomware is becoming quite a lucrative business and it’s certainly not reassuring to see the large amount of money going into this. Make sure your organization does not fall victim to an attack.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply