New details presented at RSA 2020 outline which ransomware variants took in the most ransom money over the last six years and what share each had of the millions paid.
Joel DeCapua, a special agent in the FBI’s global operations and targeting unit, recently spoke at the 2020 RSA Conference in a session entitled Feds Fighting Ransomware: How the FBI Investigates and How You Can Help. The session gave attendees a sense of the severity of the ransomware problem. According to DeCapua, a total of $144.35 million in ransoms was paid between January 2013 and July 2019. The biggest “winners” in ransomware were:
- Ryuk – $61 million
- Crysis/Dharma – $24 million
- Bitpaymer – $8 million
- SamSam – $6.9 million
In most cases, these ransomware variants have not even been active for the entire 6.5-year period covered by DeCapua; Ryuk, for example, made its millions between February 2018 and October 2019.
While most organizations and law enforcement take the stance of not paying the ransom, recent trends in ransomware, in which data is also stolen to help extort payment and attackers threaten to publish that data publicly for the same purpose, are making it tougher for organizations to have any game plan other than paying once an attack has successfully encrypted their data.
The best plan against ransomware today is to be proactive and strengthen security before an attack lands, including Security Awareness Training so that users become better at assessing email and web content for suspicious or malicious elements. By including users in the security strategy, organizations can address ransomware attacks well before any damage is done.