Companies are victims of ransomware attacks every 11 seconds this year, according to research firm Cybersecurity Ventures. Some, like the Colonial Pipeline, admit that they have no plans for when it will happen.
Some companies have never dealt with Bitcoin, the currency of choice for virtually all ransom payments.
Rick Holland, Chief Information Security Officer, Digital Shadows, a cyber threat intelligence company, said:
“Insurers may provide guidance on payment methods and recommend companies to work on them,” continued the Netherlands. “The robber will give instructions on how to set up a Bitcoin wallet and where to raise Bitcoin.”
Some companies make last-minute raids to handle logistics. One example is Digital Mint, a full-service final mile crypto broker.
Marc Grens, co-founder and president of Digital Mint, explains:
“We are hired specialists. Forensic consultants, companies, and stakeholders have determined that they have run out of all options and that paying a ransom is the best way to move forward from an economics perspective. After that, that’s when they move forward. Come to a company like us so that you can get cryptocurrencies anytime, day or night, “Grens told CNBC.
DigitalMint can pay the victim’s ransom within 30-60 minutes of the first contact. This includes an exchange for screening to ensure that hackers are not tied to a licensed country in the United States, entering the open market, ordering books, and obtaining the cryptocurrency needed to pay the ransom. It is included.
According to the company, 90-95% of the ransom is paid in Bitcoin, but monero is an increasingly popular option. Monero is considered a privacy token, giving cybercriminals more freedom from the tracking tools and mechanisms that Bitcoin blockchain brings.
DigitalMint states that the median payment has been $ 800,000 since January 2020, boosting more than $ 100 million in ransomware payments.
Last year, crypto ransomware payments were more than quadrupled from 2019 levels to $ 350 million, according to Chainalysism, but Digital Mint may have conservatively stated this number on CNBC. He said it was expensive. Glens believes the real number is close to $ 1 billion.
In April, task forces such as Amazon Web Services, Microsoft, the FBI, and the Secret Service issued recommendations to the White House on how to combat ransomware threats. A group of more than 60 members was split on the issue of whether to ban payments to attackers.
Part of the problem is that threat actors are familiar with ransom pricing.
“If they ask too much, forensics will do a feasibility study and say,’Well, that’s too much. Let’s rebuild the system, take risks and not pay,’” Glens said. Told.
At some point, it is more economically feasible to just pay the ransom than to bleed cash for a paralyzed operation.