Study Finds Most Ransomware Solutions Just Pay Out Crypto

Published on by Coindesk | Published on

A study by ProPublica found that most ransomware solutions providers have one weird trick for getting rid of hackers - paying them off.

Ransomware activity is growing weekly according to experts at CoveWare.

The ransom increase reflects increased infections of more expensive types of ransomware such as Ryuk, Bitpaymer, and Iencrypt.

These types of ransomware are predominantly used in bespoke targeted attacks on larger enterprise targets.

Proven Data promised to help ransomware victims by unlocking their data with the "Latest technology," according to company emails and former clients.

After US Attorney General traced and indicted two Iranian hackers for releasing ransomware called SamSam, authorities hoped the prevalence of attacks would fall.

Many of these companies offer recovery methods and many security researchers work on free methods this one for the popular WannaCry ransomware.

CoveWare CEO Bill Siegel has found that the average ransomware recovery isn't really a negotiation with "Terrorists" as US Government officials believe.

They've negotiated a "Few hundred" ransomware cases this year and find that each hacker is different and often just frustrated.

"We study their communications patterns so that we can build up a database of experience. There is a surprisingly small group of threat actors that are active at any given time, so identifying them is relatively straight forward. From there, we have scripts and tactics that we have honed over our experience. We draw on those to develop a negotiation strategy on behalf of our client. We know the hackers based on the profile and patterns they exhaust. We don't communicate with them outside of representing our clients in a negotiation. All of the data exhaust we create from our cases is provided to law enforcement on a quarterly basis as well."