As recently as three years ago, businesses whose data was being held hostage by ransomware attackers could expect to pay upwards of $10 million to retrieve their files unencrypted, the only way to get back to doing business.
Last week, PulseTake, the Chicago medical planner, was able to get its data back for $150 worth of fast food gift cards – just one example of the ransomeware deals available to US businesses today.
“In 2020, there were only one or two hundred thousand players in the ransomware game,” says Lenore Tomlin of the Simmings Institute, “Today there are upwards of five million and they’re tripping over each other trying to make a living.” As a result, she says, many companies are enjoying tremendous savings when it comes time to reclaim their files.
“Last year we assumed we’d be attacked multiple times so we budgeted $750 million,” says Nora Walls, PulseTake’s Chief Strategy Diseminator. “But we ended out paying out only $650 – a pretty good shot to the bottom line.” This year, the company has budgeted $1,200. “Just to be safe,” says Walls.
Things will only get tougher for the attackers, says Tomlin, unless they’re willing to diversify
Attacker Charles Walsh of Baltimore was thinking of getting out of the business altogether after his income dropped from $20 million in 2017 to $4500 in 2023 – half of which was in oil change certificates.
“Then I discovered hepberry scones,” he says, “which takes the concept of fruit and scones to a level never before imagined.” He started making and selling the pastry by mail in January, and says the profits he earns from them will surpass his ransomware earnings by 2026
earnings by 2026.
