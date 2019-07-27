You’re probably reading more and more headlines regarding the price of Bitcoin going up. This year it’s up almost 300 percent on any given day. I don’t suggest you invest in it as it is very volatile and it’s still about 50 percent lower than it’s all-time high.
The increase in price does have a positive effect on people who are victims of malware, though. A few years ago, we were reading about malware (dubbed ransomware) that would infect a machine and encrypt the files on it. The only way to decrypt the files would be to pay money to get the decryption keys. Today, malware that gets into a personal computer is probably just going to mine a crypto currency because of the increased value.
But that doesn’t mean ransomware is gone.
Ransomware is a billion-dollar-a-year industry, if you believe GrandCrab, a company that made ransomware and sold it as a service. They created the ransomware and others would do the work of infecting machines. Once the machine was infected, GrandCrab would handle contacting the victims and deal with the payment and decryption. They did all of this for a small percentage of the overall payment.
GrandCrab claimed in the time that they were operating (less than two years), their customers made more than $2 billion, and they themselves made more than $150 million from fees. The good news is they’re shutting down after making that much money, claiming to have enough to live comfortably and don’t want anymore.
But if personal computers are mostly being infected with crypto currency miners, who is paying money for ransomware? Individuals still get hit with it, but medium-sized cities and organizations are being targeted now.
A little more than two years ago I wrote about the WannaCry ransomware that went around the globe infecting computers. The National Health Service in England went down for days because of it. Just this year in the U.S., cities have been hit with it and they’re paying up after seeing how much it costs to remediate the problem.
City employees are targeted with emails that try to trick them into clicking links or opening documents that let ransomware into the city network. From there, the ransomware can paralyze city services, from not being able to collect payment to disabling emergency services, such as 911.
The city of Baltimore was hit with such an attack in May and was asked to pay $100,000 worth of bitcoin to the attackers. They refused and instead rebuilt their systems. The total cost to Baltimore to do so was a little more than $18 million.
Two smaller cities in Florida were recently attacked. Riviera Beach, a town of 30,000 people, and Lake City, a town with 12,000 residents, were both hit with ransomeware last month. The attackers didn’t contact Lake City, they went straight to the insurance provider.
Both cities were asked for around $500,000 worth of bitcoin and each town decided to pay. They were both insured and only had to pay their deductible of $10,000, while their insurance companies paid the rest. To their credit, the attackers gave each city the decryption keys the same day as payment so the cities were able to get up and running quickly.
It’s an easy choice to make. Pay $10,000 and get the city back up and running in the next couple of days or spend millions and take months to get everything set up again. But we don’t know for how long insurance companies will keep insuring against ransomware attacks. Certainly, the cheapest thing to do is to avoid being hit with ransomware in the first place.