Security Policies

InfoShot: Are companies hoarding Bitcoins as ransomware insurance?

Ransomware – the act of infecting a network, often via email, then encrypting files or devices before demanding a ransom - became a billion-dollar industry in 2016. There was a threefold increase in the number of ransomware attacks between 2015 and 2016, according to Kaspersky.

The likes of Locky, Cryptowall, CryptXXX, and Cerber each brought in over $50 million last year, usually in the form of cryptocurrencies such as Bitcoin, which brings up the question: should companies stockpile Bitcoins as an insurance policy against ransomware?

The FBI and most cyber-experts advise that companies shouldn’t pay the ransom. However, that hasn’t stopped many companies actually making investments in cryptocurrencies. In a recent interview with IDG Connect, Malwarebytes CEO Marcin Kleczynski admitted many CISOs he had spoken to had Bitcoins ready to deploy if necessary, often in “substantial amounts.”

A recent Citrix study found that 42% of UK companies apparently have a stockpile of digital currencies ready in case of a ransomware attack, up from 33% of companies the year before. The average company stash was 23 bitcoins (valued at around $69,000). A third of those companies hoarding have more than 30 bitcoins (valued at around $90,000) to hand.

Interestingly, the study also suggested companies with less than 1,000 employees were more likely to have a cryptocurrency stash than larger ones with 1,000+ employees. This may well be because larger companies are more likely to have backups and security in place which make ransomware less effective.

James Lyne, Global Head of Security Research at Sophos, however, is wary of such planning.

“I’m not saying maybe it's not a good idea for a big business to have that option, given some ransomware has an unlock timer that starts deleting files very quickly. But banking on it as your strategy I think is terrible advice.”

He warns that while many criminals do release your files after payment, there’s no guarantee, and can often invite a second attempt at an attack since they know you’re willing to pay.



« Containers: Everything you need to know


Forget Apple vs. Uber: Electric cars from China will be the real economic disruptor »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?