You may have heard of the ‘dark web’ but to most of us it’s just a sinister sounding name. For the world of organised crime though, the dark web is a one-stop robbing shop. It’s a place where crooks can buy ready-made software for extortion, fraud, and intelligence gathering.
Twenty years ago, if a crime boss wanted to get rich quick, they’d get a crew together, buy some hot guns, steal a getaway car and rob a bank. In the digital era, stealing massive sums of money is much less risky, and a lot less dramatic.
To make a big score in 2017 all criminals need to do is get on the dark web, buy some ready-made ransomware and start firing out emails. It won’t even cost them a lot of money to get started; basic ransomware can be had for a few dollars and run on a phone.
Some of the companies making and supplying ransomware today are such slick operations that they provide IT support to their criminal customers.
According to a recent report released by endpoint security company Carbon Black, sales of ransomware on the dark web have shot up 2,500% since 2016.
Basic ransomware can be had for as little as US$0.50 in the illicit software marketplace, so it’s little wonder that this is a booming industry.
Because ready-made ransomware is so cheap and ubiquitous now, it’s no longer only malevolent geeks who are capable of running email scams; pretty much anyone with an internet connection, a few dollars and a conveniently sub-par conscience can get into the ransomware racket.
On the other end of the spectrum, Carbon Black's survey found that nearly 100% of businesses they surveyed would be willing to pay a ransom if their files and documents were rendered inaccessible by malware. That’s a pretty disturbing finding, examined through the lens of economics. With that much willingness by victims of ransomware to pay, this will continue to be a highly lucrative crime category. Where there’s a dollar to be made, there will always be more crooks looking to get lucky, so the astronomic growth in ransomware attacks is likely to continue.
At this point you might be thinking, ‘well it probably won’t happen to my business and even if it does we’ll just pay the ransom and get on with it.’
It might seem like a small inconvenience to deal with a ransomware scam; pay a few thousand dollars and get your files back; not such a big deal, right?
The thing business owners forget to factor in is the collateral damage done by a ransomware attack. With the computer system locked up, business will pretty much grind to a standstill.
No communications.
No access to accounts.
No payroll facilities.
No ability to do work of any kind.
Add to the above, the damage to a company's reputation that being involved in a ransom attack will cause, and the cost of lost opportunities during the time that the computer system is frozen, and you are potentially talking hundreds of thousands of dollars in collateral losses.
The impact from cybercrime attacks resonates through every aspect of a company’s business. The perceived vulnerability to attack erodes an organisation’s standing with supply chain partners, investors and the public alike.
In his keynote speech at Microsoft Inspire 2017, Brad Smith - Microsoft President and CLO - called the rise of cybercrime a “wake-up call” and went on to say that “cybersecurity is global in scope and paramount in importance.”
Businesses invest millions in network security and antivirus, yet despite their best efforts, they are collectively losing billions of dollars each year to cybercriminals.
While most businesses use some sort of endpoint virus protection on their computer systems, there is a dawning realisation in the IT world that such measures are no longer effective.
In his MS Inspire keynote presentation, Brad Smith emphasised this gap between the perceptions of the business community and the actual threat posed by contemporary cybercrime, saying; “You can’t defeat the threats of the present with the tools of the past.”
“What we’ve learned is that 90% of all security intrusions start the same way, with an email and a link that takes somebody to a harmful website. Every company has at least one employee who will click on anything, and that is pretty hard to protect against.”
- Brad Smith: President and CLO of Microsoft.
If your company is using an integrated productivity platform like Office 365, then you already know the benefits of cloud-based technology. For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.
Talk to an expert at MailGuard today about making your company's network more secure against ransom attacks.
If you’re experiencing problems, you can speak to one of our cloud security specialists, obligation free, on: 1300 30 44 30