If cybercrime was a country, it would be the world’s third-largest in terms of GDP, just after the US and China. This year, the total cost to the global economy is predicted to top $6 trillion (£4 trillion).
Turbocharging this fast growing crime economy is a method of hacking and extortion known as ransomware.
You may have come across ransomware in the news when large companies are held virtual hostage, leading to headlines like: ‘Gas stations from Florida to Virginia closed as US national pipeline hacked’ or ‘Cyber attack shuts down 20% of all US beef production’.
But the reality is these attacks are happening multiple times a week, to companies and persons large and small – and they’re not going away any time soon.
It’s the type of target, too, that has raised the alarm for many politicians and government officials.
Critical businesses, like hospitals and energy infrastructure, are ripe pickings for cybercriminals that have only a ransom payment in mind.
‘Their intention is to make as much money as possible,’ says Zeki Turedi, chief technical officer for Europe for cyber protection firm CrowdStrike.
‘The types of organisations they’re going to be targeting are the organisations where it’s very critical for them to keep operating, and they’re likely to pay the ransom to keep their businesses up and running.’
But it’s not just big business that’s in the cybercriminals’ crosshairs – for hackers that trade in private and confidential data, there’s not much that’s off limits when it comes to chasing a ransom.
‘The attackers don’t care,’ says Kevin Breen of Immersive Labs, a cybersecurity company that helps firms prepare for ransomware attacks.
‘We’ve seen them go after medical records, we’ve seen them go get patient files, and threaten to release this all in an effort to try and harass an organisation into paying.’
Though ransomware hits have become more frequent in recent years, it was the pandemic and the switch to homeworking that galvanized attacks.