By George Rotsch
Do we all remember the “Father of Economics” and the invisible hand that regulates free markets based on supply and demand and self-interest? The Ransomware Pirates seem to remember. These pirates may not live in a free economy but they are profiting by taking advantage of the lessons of Adam Smith.
In a recent study, Google announced that victims of Ransomware paid an amazing $25 MM to buy access to their own data. “It’s become a very, very profitable market and is here to stay,” said Elie Bursztein from Google who, along with colleagues Kylie McRoberts and Luca Invernizzi, studied Ransomware and made a report in July.
Ransomware is a type of malware that prevents or limits users from accessing their data by locking the users’ files until a ransom is paid. Ransomware has become an almost unavoidable threat in recent years. Once a system is infected, the program encrypts all local files with a private key held only by the attackers, who demand thousands of dollars in bitcoin to allow the user access to the data again. It’s a destructive but profitable attack, one that’s proven particularly popular among cybercriminals. As a result, it is lucrative for the gangs of international pirates and we can see why. It’s economics!
First, Supply and Demand sets pricing… These pirates set the price for your data at the point where the demand and supply curve meet…. just as Adam Smith would do. Once they lock down your data, they don’t want your first-born child for the privilege of regaining control of your data. Instead they just want $2,500 if you are a small business in Delaware, or $5,000 if you are a law firm in Philly, or $17,000 if you are a hospital in Missouri. They know that you will face a difficult choice if they price it right. How much is all your work for the past six-months or a year worth to you? They set the ransom price so you will pay it. Adam would be proud.
Second, the “Invisible hand self-regulates” the market… They seem to understand much more than pricing in a free market. They understand the concept of the invisible hand and self-regulating market involving self-interest. Besides being literally “invisible” to the authorities, they are self-motivated and incentivized to provide good customer service. Except for stealing your data in the first place, they are surprising good at fulfilling their end of the deal. They know that this is a business and want you to trust them so that you will buy back your data… and when you do pay, they return your data quickly, just as they say they will. Several businesses have been attacked more than once. They want to earn your repeat business again and again. And, it’s in their best interest to provide a clean service so victims will not bother to report them and they stay invisible.
Finally, New competitors enter a profitable market… This cybercrime business is so profitable, there are always new competitors, new entrants to the market, and they are innovating. “Ransomware is a fast-moving market,” reports Google’s Mr. Bursztein. “There’s aggressive competition coming from variants such as SamSam and Spora.” Today’s Ransomware pirates are better at dodging anti-virus protections and creating more enticing, real-looking methods to fool average computer users. New players are entering the industry and expanding quickly. Many are growing quickly by paying affiliates more if they help by placing the malware onto large numbers of machines. The ransomware-as-a-service model is proving popular to the new generation of cybercriminals and pirates.
At TechSolutions, we see Ransomware as a real threat to small/mid-sized businesses in Delaware. The economics just makes it easier to understand why. TechSolutions is introducing a unique three-step program designed to protect your organization from the threat of ransomware. This 1 hour, three-part program is a business-wide campaign that will be informative, impactful and sometimes even fun. If you are looking to protect your business from Ransomware pirates, call us. We can help.