Ransomware Payments

Ransomware Payments

Ransomware payments involve the act of paying a sum of money, usually in cryptocurrency, to individuals or groups responsible for a ransomware attack. Ransomware is malicious software that encrypts a victim’s files or systems, rendering them inaccessible. The attackers then demand payment, typically in Bitcoin or other cryptocurrencies, in exchange for providing the victim with the decryption key.

Bitcoin has undoubtedly facilitated ransomware payments in cybercrime – specifically ransomware attacks. The rise of ransomware attacks (and Bitcoin demanded as the payment method) emphasizes the need for a stronger cybersecurity posture. The cryptocurrency is favored by cybercriminals for a number of reasons. Primarily, it is easily accessible to the victim which makes the transfer of the ransom a smooth process. Furthermore, the payment can instantly be verified by the public blockchain. Additionally, Bitcoin provides the hacker with anonymity since the ransom payment can easily be laundered. A criminal’s dream. Because of these benefits, 98% (Cryptocurrency fuels ransomware payments) of ransomware attacks demand Bitcoin as the payment method.

Ransomware Payments

However, with this figure so high, and the fact that a ransomware attack occurs every 14 seconds on average, it is reasonable to posit the idea that the relationship between Bitcoin and ransomware is reciprocal. In other words, while Bitcoin assists in ransomware attacks, it is such attacks that contribute to Bitcoin’s increasing value (ransomware facts).

Cryptocurrency in general has seen a massive surge in the last few months. The value of all cryptos increasing from $140 billion in March 2020 to $1 trillion in January 2021. However, Bitcoin is the largest and therefore has the greatest impact on the overall value of cryptocurrency. The value of Bitcoin is at an all-time high of just over $30,000 (as of January 2021). In January 2020, Bitcoin was valued at around $7,000, meaning that there has been a year-on-year increase of more than 300%. The second largest cryptocurrency, Ethereum, has seen a much larger year-on-year increase at more than 600%. Nevertheless, it is only valued at around $1,000.

Ransomware Payments

The Recent Rise in Ransomware Attacks

The number of ransomware attacks between mid-2019 to mid-2020 also increased at an alarming rate: by more than 700%, according to cybersecurity researchers (Crowdstrike global threat report). Cybercriminals are constantly seeking nefarious ways to conduct ransomware attacks, and hardware-based attack tools are becoming increasingly popular. By using the hardware attack interface, Rogue Devices go undetected, thereby increasing the chances of success for the perpetrator. By implanting a Spoofed Peripheral or Network Implant within the target, malicious actors can initiate a ransomware attack without raising alarms.

The rising figures of both the number of ransomware attacks and Bitcoin’s value point to a correlation between the two. But, by using the basic economic law of supply and demand, we can see that there might actually be a causational relationship. When demand goes up, but supply remains the same, the equilibrium price increases. But what has this got to do with ransomware attacks and Bitcoin, I hear you ask. It all has to do with the reliance on Bitcoin in ransomware attacks, the frequency of such attacks and the willingness of the victim to pay the ransom (ransomware facts).

Although being advised not to, 45% of victims do pay the ransomware. The decision to pay the money is often because of the sensitivity of the encrypted files. Many targets are of high value, such as healthcare entities or government agencies (who were targeted 700 and 948 times, respectively, in 2019) and therefore cannot afford to risk alternative options. Since almost all ransomware attacks demand payments in Bitcoin, the paying victim has to acquire Bitcoins, thus increasing demand. Because of the frequency of ransomware attacks, the rise in demand of Bitcoin is enough to impact the cryptocurrency’s value. It is important to note, however, that ransom payments actually make up a small proportion of Bitcoin’s daily trading volume. Nevertheless, even small increases in demand can affect the overall price of Bitcoin, both directly and indirectly.

Now that we understand the basics, let’s see how ransomware trends have increased the demand for Bitcoin.

Average Ransom Payment


Ransom Payments on the Rise?

Primarily, ransom payments have increased over the years which contributes to growing demand. The average payment rising from $4,300 in 2018 to $8,100 in 2020. Additionally, many attackers target large organizations which can afford to pay high amounts and will therefore sometimes demand a six-figure payment, such as the $600,000 payment made by the City of Riviera Beach in Florida in July 2019.

However, small and medium-sized businesses (SMBs) are often targets for a ransomware attack due to their limited cybersecurity capabilities, with 60% of SMBs being hit in 2020. In this specific sector, an unsettling 73% opt to pay the ransom – which is often in the region of five-figures. With a large number of victims succumbing to the ransom, and the increase in such payments, the total amount of ransom payments per year is around $1 billion. This significant figure indicates a high demand for Bitcoin, thus impacting its value.

These astonishing statistics also act as an incentive for other cybercriminals. Ransomware attacks evidently have great success, and this increases their appeal. A growing number of bad actors are turning to ransomware attacks, and there has been an influx of ransomware-as-a-service being sold on the dark web which allows a greater number of bad actors to carry out these malicious attacks. Hence, as mentioned, ransomware attacks have increased by 700% in just one year. This figure correlates to the rising frequency of such attacks. One attack occurs every 14 seconds in 2019, up from every 40 seconds in 2018. Naturally, the demand for Bitcoin increases accordingly, thus contributing to the rising value of the cryptocurrency.

The Demand for Bitcoin

Importantly, the growing threat of ransomware attacks has instigated an increase in demand for Bitcoin. This is because of the expensive downtime that a ransomware attack costs organizations, which is actually the greatest cost of such an attack. On average, an enterprise loses $8,500 every hour. To avoid disruption, and these costs, many wealthy companies have started to stockpile Bitcoin in order to be able to immediately respond to a ransomwhere attack. In fact, more than 70% of CISOs say that they have a stockpile of Bitcoin, according to a cybersecurity survey.

So, when Bitcoin’s value reached a record of $30,000 this January, cybercriminals can be thanked for such spectacular growth. Who said these actors only cause damage?

See every known and shadow asset. Prioritize and mitigate risks.
Talk to an expert. It will help you understand how to use Sepio’s patented technology to gain control of your asset risks.

January 18th, 2021