The sudden increase in ransomware seems to be linked to vulnerabilities, ease of payment, behaviors, and geopolitics. Let’s start from the vulnerability perspective. Despite relying on digital infrastructure more and more, a large number of companies aren’t investing in the cybersecurity solutions they need to protect themselves.
There’s also the fact that processing payments has become more criminal-friendly. For example, cryptocurrencies like Bitcoin, Ethereum, or Dogecoin provide a way for people to be paid anonymously. Although every transaction is transparent and trackable, no one has to provide identifying information to create an account. This makes it difficult to link an account to a specific individual, which makes it a perfect solution for criminals to collect unlimited anonymous payments from their victims.
The way companies tend to behave after a ransomware attack hasn’t helped either. Some companies choose to pay the ransom, but there’s no guarantee that the attacker is going to decrypt their information. In fact, the aforementioned report from Sophos says that only 8% of businesses that pay the ransom get all of their data back. Paying the ransom only encourages the cybercriminal to do it again.
Finally, there’s the geopolitical aspect that involves ransomware gangs. These gangs not only create new ransomware and target corporations, but they also lease their product to anyone willing to pay the price. Most ransomware gangs hide in jurisdictions that can’t be reached by US law enforcement. Unsurprisingly, these groups often go unpunished even after they admit their crime.