Ransomware’s Extreme Profits Should Be a Cause for Concern for SMBs

There are many cybersecurity threats out there, but the one that has cemented itself in the minds of business owners in recent years is ransomware. Ransomware encrypts data on the victim’s devices, forcing them to pay a ransom for the decryption key. As you might imagine, this practice is quite lucrative for cybercriminals—some more than others, of course.

The profits generated by cybercriminals utilizing ransomware are increased further due to the double-extortion methods that have been introduced. Ordinarily, your company might simply restore a data backup to get around paying the ransom, but double-extortion complicates this practice somewhat. Double-extortion involves the threat actor threatening to release the encrypted data on the Internet if the victim refuses to pay up. This presents several other issues involving data privacy and other regulations, not to mention the hefty price tag associated with not only paying the ransom, but the fines associated with the aforementioned data privacy laws.

Let’s take a look at the most profitable ransomware organizations (profits are in the form of Bitcoin), as reported by TechRepublic.

• Conti: $12.7 million
• REvil/Sodinokibi: $12.1 million
• Darkside: $4.6 million
• RagnarLocker: $4.5 million
• MountLocker: $4.2 million

You will notice that many of them have been in the headlines over the past several months. It just goes to show that ransomware is not only high-profile, but also highly profitable—a combination of which must be considered a serious threat to your company. Furthermore, you might also notice that some of these profitable ransomware strains top this list because of their ransomware-as-a-service business model in which hackers pay the developers to infect victims with the threat.

In the event of a ransomware infection, we always encourage victims to resist paying the ransom and to immediately contact a cybersecurity professional. We realize, however, that this is not always possible due to the double-extortion methods detailed above. Indeed, it is better to prevent infections in the first place through proactive security planning and network monitoring.

You must be prepared to handle everything the world throws at you, period. This might seem overwhelming, especially since you cannot predict what will happen to your organization in the near future, but you cannot let this fear of the unknown paralyze you into inaction. If you fail to secure your business from ransomware, it could set your company back substantially. Don’t let ransomware threats dictate the trajectory of your organization’s operations. Arm yourself against them with comprehensive security solutions that meet best practices before it’s too late.

BNMC can help your business overcome these challenges. To learn more about our security solutions, reach out to us at (978) 482-2020.