A new study conducted by researchers from Google, Chainanalysis, University of California San Diego, and the New York University’s Tandon School of Engineering found victims of ransomware have paid a total of $25 million within the past two years. The study indicates ransomware attacks are a “vicious cycle,” with one successful attack inspiring many others to follow.
The researchers were able to track 34 different types of ransomware and various payment addresses to understand the amount ransomware victims are paying and how frequently. One of the most lethal strains of ransomware, Cerber, has the ability to encrypt an entire computer in under one minute, and has made $200,000 monthly in ransom payments over the past year.
Researchers also found that common ransomware is not necessarily owned or deployed by one group of criminals. The team found a new “ransomware-as-a-service” phenomenon, where cyber criminals may lease or sell ransomware programs to other criminals for a fee and a portion of the profits.
Google’s primary advice for a potential ransomware attack is to back up files regularly to a cloud service or external drive. Other advice for staying vigilant against ransomware is to carefully monitor emails and any other form of online communication.