It brought down health and educational facilities and hundreds of companies ... ransomware gangs grow with victims' money

Ransomware attacks are one of the worst cybercrime in the world, as criminals gain control of corporate computer networks, encrypt their data with secret codes and demand funds for their release that they will reuse in more sophisticated attacks in what looks like a vicious circle, in the opinion of information security experts.

Business Insider says that companies crippled by hacker attacks paid an average of 312,493 dollars in 2020, which is 3 times the average of the previous year.

The criminals reinvest their profits in more efficient and sophisticated operations, making them launch bigger and more daring attacks.

No solutions

Ransomware gang networks in the past year alone have shot down about 560 healthcare facilities, 1681 schools and colleges, and more than 1,300 companies, according to Emsisoft, a New Zealand cybersecurity company that helps ransomware victims recover their data.

"I don't see the end of the tunnel light," Josh Mota, chief executive of cyber insurance company Coliton (Coalition), which helps companies affected by the ransomware, told Business Insider.

Other e-insurance companies also cover data theft, breaches, and social engineering attacks.

"We haven't done a great job," said John DiMaggio, a veteran cybersecurity researcher at Analyst1, noting that while the cybersecurity industry struggles to tackle ransomware, its practitioners are thriving.

Ransomware attacks last year grew by 435%, according to Deep Instinct, a New York City startup that uses artificial intelligence to fight attacks.

Ransomware could cost companies $ 20 billion this year, but the truth is that no one knows the exact cost, as many victims acquiesce in the demands of the attackers and pay them instead of reporting the crime.

And new research from Kaspersky found that 56% of ransomware victims pay.

Hackers have tightened the screws on victims over the past two years by posting their stolen data if they don't pay.

This method of extortion, which exposed classified data and even plans for military weapons, increased the pressure on companies to pay.

In the United States, law enforcement agencies are struggling to partially tackle ransomware (Reuters)

An alliance to help businesses

There is a coalition of major insurance companies that helped finance cybersecurity insurance programs, a booming market that is expected to grow from $ 7.8 billion in 2020 to 20.4 billion in 2025, and aims to accelerate relief for victims of ransom programs by helping companies return to work.

The FBI is urging companies not to pay, and a former British cybersecurity official went much further. Kiaran Martin, a former UK chief cybersecurity official, accused cybersecurity firms of "financing organized crime" because they facilitate payments to gangs of programs. The ransomware.

However, governments have not had much success in tackling crime.

In the United States, law enforcement agencies are struggling to tackle ransomware, in part because many criminal gangs are located in Russia, where the government protects them from extraditing criminals for prosecution for internet crimes.

Motta, chief executive of the Alliance of Insurers, said his company was working with counterparts to enhance their security, respond to attacks and make payment a last resort.

He believes that paying a frequent ransom demand, which could amount to $ 30 million as seen in the 2020 attack, would be a very poor business model.

"Insurance companies are losing money because of the ransom programs. We are very excited to fight them in every way we can," he explained.

Insurance is a goal

But at the same time, ransomware hackers sometimes target insured victims.

Researchers from Cisco's Talos Intelligence Group conducted a rare interview with a ransomware hacker earlier this year in which he said that if a victim has an electronic insurance plan, the ransom payment is "guaranteed." ".

Kaspersky security researcher summarizes the pros and cons of insuring ransomware by saying, “Cutting the flow of funds, regardless of how, is the only way to affect the system for ransomware. On the other hand, insurance companies are well positioned to implement best security practices for their customers and may They play an important role. "

Profits in private operations

Whether the payments come through insurance companies or from companies under attack themselves, they finance the gangs' advances.

"They are investing in developing automation tools," says researcher DiMaggio, using machine learning to find and exploit loopholes in corporate defenses.

It used to take weeks for the gangs to grab organizations' data and demand a ransom, he explained, but now it can be done in hours.

DiMaggio adds that the gangs deliberately attack the victims 'websites with a large amount of data to disrupt their systems, and the gangs also threaten to reveal victims' data and interview journalists to promote their operations.

Insurance companies say that addressing ransomware is more than just a cybersecurity problem, it is also an issue of international relations. “This is a transnational organized crime. It will take more than just law enforcement and a great deal of diplomacy.”