Ransomware has experienced a meteoric rise over the last two years, and I contend that it is due for a meteoric fall. Here’s why: as unlikely as it may seem, ransomware relies solely upon trust.
Many of the criminals behind ransomware appear to have an “honor among thieves” mindset. There have been countless “successful” transactions where an organization or individual has paid the ransom and been given the private key to unlock their captured data. I have even read of situations where the group that created the ransomware had an informal helpdesk that walked victims through the process of paying the ransom, primarily in Bitcoin. Bitcoin is the preferred method of payment because it is a digital-only currency and is nearly untraceable, since it does not link to a bank account. After getting paid, this criminal helpdesk then assisted its victims with decrypting their data. Unheard of, right? This is where the idea of ransomware gets a little crazy: a victim must place their trust in a criminal, and in many cases, that trust pays off. Often, after the ransom is paid, the data is restored and the parties go their separate ways.
So here you have this perfect criminal balancing act. Someone’s data gets encrypted, they pay a fee, their data gets decrypted. As long as the victim upholds their end of the bargain (namely giving a criminal a Bitcoin), the criminal gives the victim a private key to unlock their files. Easy money for a criminal, right? Because it appears to be that easy, many are jumping on the bandwagon. This misguided perception of easy money will prove to be the beginning of the end for ransomware.
Let’s face it, cryptography is hard. Even the most advanced software developers can make mistakes when using it in their code. If your end goal is to con your victim, and do it quickly, how much effort are you going to put into getting it right? It will not take long before you see very poorly written code by latecomers to the game. This bad code will fail to encrypt data, will get caught by antivirus or antimalware programs, or will fail to provide a method of acquiring the private key or decrypting the data. These three breakdowns can only lead to one outcome: no one will pay the ransom, and the fragile trust between the criminal and their victims will be broken. Once this happens on a large scale, criminals will move on, and ransomware will quickly become a thing of the past.
If I could offer any word of advice, it would be this: do everything you can now to ensure that you are not one of the first people to discover that the trust is broken. Don’t be part of the first wave of victims who have no chance of getting their data back. You can protect yourself in one easy step – back up your critical files. A USB drive or removable disk that you keep offline is a lot less expensive than a Bitcoin. Cloud services like Dropbox, Google Drive, OneDrive, or Carbonite all exist to keep you out of trouble and are well worth the expense. If you are going to trust in something, make it a solid backup and not a criminal.