Why cybercriminals choose ransomware?

Cybercriminals choose ransomware

Cybercriminals choose ransomware because it’s fast-paced, advanced technologies, scalable and less interaction.

Fast-paced – worldwide computer networks can be compromised in minutes. The fastest form of ransomware is LockBit, which took a median time of just 5 minutes and 50 seconds to encrypt 100,000 files. In one of the tests, it only took LockBit 4 minutes and 9 seconds to encrypt the files measuring in at 53.83 GB across different Windows operating systems and hardware specifications.

Technology has advanced – Bitcoin allows cybercriminals to safely receive payment with less chance of being caught. Anonymity. Speed. Access. Bitcoin, like other cryptocurrencies, allows cybercriminals to receive funds with a high degree of anonymity, making transactions difficult to track. Bitcoin gained notoriety as the common currency of the Dark Web, where it remains popular. It is seen as the essential cryptocurrency — easy to acquire and use, making threat actors believe victims will be more likely to pay. Occasionally, cyber threat actors demand other cryptocurrencies, such as Monero and Zcash. These have additional privacy features that make tracking payees more difficult but are the exceptions to the rule.

It is extremely scalable – which means many victims can be compromised by merely sending emails, less work and the cybercriminals just have to wait for payment. Also, many ransomware family variants are the addition of a data exfiltration feature. This new feature allows cybercriminals to exfiltrate sensitive data from victim organizations before encrypting the data. This exfiltrated data is like an insurance policy for attackers: even if the victims have good backups, they’ll likely pay the ransom to avoid having their data exposed.

There is little victim interaction because the demands of the cybercriminal and information on how to pay the ransom are shown on the victim’s computer.


All of this combines to create a simple and effective way for cybercriminals to wreak havoc on businesses.