The FBI revealed that after analyzing bitcoin wallets and ransom notes, they believe over $140 million were paid to ransomware operators in the last six years. Cybercriminals use ransomware attacks to encrypt the data of their victims and promise to decrypt it after receiving a “ransom” in bitcoin or other cryptos.
Ryuk was the most profitable ransomware for cybercriminals.
Ryuk family of the ransomware bought in the most money at $61.26 million, followed by Crysis/Dharma that brought in $24.8 million. This is the only data that the FBI could get their hands on. In reality, the numbers are likely to be much higher than that. FBI reported that $8.04 million were paid to Bitpaymer ransomware in the last six years.
Defending against ransomware attacks
FBI Special Agent Joel DeCapua presented his findings at this year’s RSA security conference during two sessions. He explained how he was able to use bitcoin wallets and ransom notes collected by the FBI and shared by private partners to find out how much victims paid in ransom payments.
The FBI agent also provided some tips on how companies and individuals can save them from falling victims to ransomware attacks. He revealed that Windows Remote Desktop Protocol (RDP) is the most common method that ransomware attackers are able to gain access to a network before deploying ransomware. DeCapua suggested that businesses and individuals should be careful of phishing attacks, install software and operating system updates, and use complex passwords. He also suggested having a contingency plan with backups to prevent falling victim to a ransomware attack.
