We don’t know who is making the payments, or who is receiving them. But by looking at the public protocols of Bitcoin accounts associated with ransomware we can see the trail of money paid.
How much would you pay to regain access to your computer files? This is a question victims of ransomware are faced with when they least expect it. A threatening message appears promising to delete all files unless a payment is made before a certain time.
“My first reaction was panic. My second reaction was to get on another computer and figure out exactly how much 1.71 Bitcoin was worth in US dollars,” said John, a lawyer in Chicago, describing a ransomware attack that temporarily crippled his legal practice in 2016.
A malicious link clicked or a file attachment arriving by email can unleash ransomware on networked computers or mobile phones. It can take down healthcare providers and threaten the aviation industry. Estimates of how many people and companies are affected by ransomware vary, but it’s a big crime business. Software to unleash an attack can be easily bought and customized. Network security company SonicWall counted more than 200 million attacks globally in 2018. Cisco estimates that every 40 seconds a business falls victim.
In recent years, international law enforcement and security firms have collaborated on The No More Ransom Initiative to freely share decryption tools. This has helped people worldwide. Creating frequent backups of files and keeping operating system software updated is the best fix to keeping your own devices healthy and free of malware that can infect others too.
Secrecy clouds what we know about the economic impact of ransomware. A 2018 study about ransomware payments via Bitcoin offers a glimpse of how many people fall prey, and suggests a new counting method to better estimate the millions of dollars of payments.