Criminals chase the market, and this year the hottest market has been in hacking businesses’ data and holding it for ransom.
Since the hack of Hollywood Presbyterian Medical Center in February, in which its data was scrambled by a so-called ransomware program and only unlocked after it paid $17,000 in bitcoins, the number of such attacks is up three-fold over the same period last year.
Nearly 1 million such ransomware attacks have occurred thus far this year, a rate of more than 4,000 a day and a 300 percent increase over 2015, according to a report by the FBI. One reason: The hospital paid quickly, which appears to have sent a signal to the black market.
“It was very clear that one hospital was willing to pay the ransom and so hospitals began to get targeted because of that,” said Kevin Haley, director of security response for Symantec’s security response division in Culver City. “They are going to look where they can get the most bang for their buck with these attacks.”
It’s not just hospitals that are getting hit with ransomware – small and large businesses alike are falling victim to attacks because the crime is easier than ever to commit and companies are juicy targets, said Haley.
“The bad guys love businesses more than end users because they tend to have more money in their account,” he said.
There have been rumors of attacks in Los Angeles recently, but despite the volume few businesses are willing to publicly acknowledge they have been hit. That’s in part because they don’t want to make themselves known as susceptible and in part because the amounts extorted tend to be nominal.
Though most businesses don’t pay ransoms nearly as high as Hollywood Presbyterian – a targeted and sophisticated attack – the market for stealing company data is booming, said Austin Berglas, senior managing director at K2 Intelligence in New York.
“I’d say that $300 to $500 is where you will find the majority of these schemes,” he said, noting that many are random spam-based phishing attacks, which rely on unwitting users accidentally clicking on bad links or attachments that contain viruses.
“If you send out 200,000 loaded emails with an attachment and 10 percent click on that, that’s a pretty good payday,” he said.
Crimes of opportunity
Low barriers to entry and a high payoff are encouraging cybercriminals to take up the practice of ransoming businesses’ data, said Juan Andres Guerrero-Saade, a Miami-based senior security researcher with cybersecurity software maker Kaspersky Lab.