The makers of WannaCrypt made some quick money for a small investment. That means others will copy their success or take advantage of the fear and confusion.
WannaCrypt has received a lot of attention but it’s important to remember that ransomware isn’t new. The global publicity about WannaCrypt changed how it was handled. It’s different from past and future ransomware attacks.
$50,000 isn’t a bad return
This Bloomberg article, “Hardly Anyone Paying the Hackers? Because Using Bitcoin Is Hard”, surprised us in several ways.
Paying by Bitcoin isn’t so hard. It might be unfamiliar to most people but it’s doubtful that difficulty is making much difference. Anyone who has lost all their documents and backups is motivated to make any extra effort necessary.
The $50,000 total ransom estimate is a guess but seems to us a pretty good return on investment.
$50k is probably considered ‘petty cash’ at Bloomberg but in most parts of the world it’s a small fortune.
The costs of a ransomware attack are quite low. A few thousand dollars in programming and development at most.
Let’s overestimate and say the startup and running costs of the WannaCrypt attack came to $10,000. That would mean a $40k profit or an ROI of around 400% over just a few weeks.
In normal circumstances an ROI of 400% would get glowing and envious coverage in the financial press.
That means we’ll see more ransomware attacks in the future. The costs are low and it only takes one successful attack to put the ransomers into the black.
Ransomware isn’t going away
There’ll be more ransomware attacks and most of them won’t rate a mention in the general media.
You need to be ‘on guard’ in all the usual ways against an attack. Regular Office-Watch.com readers know what we’ll say:
- Keep your Windows and Office software up to date.
- Have good backups including ‘offline’ backups.
- Be cautious about emails from unknown or unexpected sources.
- Be wary of unusual or strange messages from people you know (the Sender may be faked).
- Don’t forget to be wary of documents via messaging services like WhatsApp and Signal.
Taking advantage of WannaCrypt
Whenever there’s a computer attack which makes the news, you can be sure that anti-virus software makers will take advantage to sell their wares.
Office-Watch.com is hardly Microsoft’s biggest fan but is happy to recommend their Windows Defender software. Defender comes with all Windows releases since Windows 7. It’s started and updated automatically.
Windows Defender is enough protection against viruses, trojans, ransomware etc. for the vast majority of people. Defender plus some personal caution and backups is adequate cover.
Buying extra anti-virus software doesn’t make your computer safer. Having other AV software might complicate your computer. We’ve seen many cases over the years where readers have to spend time tweaking or even disabling their extra anti-virus software to continue working.
Advice not to pay the ransom isn’t practical
It’s easy to recommend not paying a ransom when you’re not the one affected. Refusing to pay is the ethical choice but not always the practical one.
A person or business stuck with all files unavailable is understandably tempted to pay the ransom in the hope that they’ll be able to work again.
Free decryption options
Some ransomware attacks can be recovered without paying a ransom. Hacker ‘good guys’ figure out the decryption method and post a site or code. Victims can enter their unique ransom code and get back the recovery code without paying a cent.
WannaCrypt now has such an option but it only works for Windows XP computers that haven’t been rebooted. See “Wannacrypt rescue without paying – if you’re lucky”.
These free decryption services aren’t always available but are worth checking before paying money.