Ransomware; What Happens After You Pay the Ransom?

Recently, a very well-to-do hospital in LA was forced to pay a bitcoin ransom after hackers disabled their computer system. The hospital’s administration folded and paid after a few days of taking notes on paper and hoping there was some other way to regain access to their computers.

A recent study conducted by Intermedia stated that companies can actually lose more money from the time they spend unable to conduct business as usual than they do from paying ransoms to recover data encrypted by malware.

According to the study, about 72 percent of companies infected with ransomware were unable to access their data for at least two days because of the ransomware attack, while over 30 percent were forcibly kept from their data for five days or more. The report’s findings were based off a survey of over 300 IT consultants.

ran2“If you’ve got a large number of users and downtime runs into multiple days, then the cost of that downtime adds up pretty quickly to the kind of ransom amounts that cybercriminals are demanding potentially,” stated Richard Walters, senior vice president of security products at Intermedia.

Unfortunately for IT consultant companies, they’re vulnerable to those losses whether or not a company has taken precautions to back up its data: “You have to contain the infected systems, then wipe them completely and then restore them,” explained Walters. “That process in more than half these cases took longer than two days.”

For this exact reason, many companies have seen fit to take their chances and pay the ransom.

“If you pay the ransom, there’s a one in five chance you won’t get your data back,” explained Walter. “There are much worse odds.”

Another worrying statistic unearthed by Intermedia related to the increasing size of the businesses that cyberextortionists are victimizing. Nearly 60 percent of businesses hit by ransomware had 100 employees or more, where 25 percent had more than 1,000 employees.

The number of randomware victims is also steadily growing. According to Intermedia, more than two out of five (42 percent) consultants polled for the survey had customers who had been infected with ransomware at some point. Half said they’d received ransomware-related support inquiries, and 59 percent stated that they expected attacks to increase this year.

Despite the pessimism and worry of many IT companies, other companies see the issue as an opportunity.

pir“What we know is that every country that’s migrated to EMV has significantly reduced the amount of fraud for card-present transactions,” Stated Martin Ferenczi, president for North America at Oberthur Technologies.

EMV involves a layer of security added to payment cards that make it a much more complicated process to counterfeit a card without the proper authentication.

“Immediately, the fraud moves to card-not-present transactions. Those transactions are used on the Internet and for phone orders,” Ferenczi explained. “We need to find an easy solution to reduce that fraud.”

Oberthur’s solution is to create payment cards with CVV codes that constantly change. So long as there is a CVV number generator that is synchronized with the card’s issuer’s servers and knows that every card’s CVV will be at any given point, it should be considerably more difficult to pull of card-not-present frauds.


Leave a comment

Your email address will not be published.