Year on year cybercriminals are becoming more savvy and finding new ways to make increasingly large amounts of money. At the moment, ransomware is all the rage. Following the global WannaCry outbreak – which almost crippled the NHS – ransomware has been thrown into the public consciousness like never before.
And according to research by Google it is not going away anywhere fast. "It’s become a very, very profitable market and is here to stay," said Elie Bursztein from Google. "Ransomware is a fast-moving market, there’s aggressive competition coming from variants such as SamSam and Spora. It’s no longer a game reserved for tech-savvy criminals. It’s for almost anyone."
And ransomware has become big business for the gangs of hackers collaborating together. Google’s research found that cyber-thieves have made at least $25m (£19m) from ransomware in the last two years alone. The most popular strains of ransomware were the Locky and Cerber families, added Bursztein. Payment analysis of the Bitcoin blockchain, which logs all transactions made using the e-currency, revealed that those two strains also made the most money over the last year, with Locky collecting about $7.8m (£5.9m) and Cerber $6.9m (£5.2m).
And with security firms scrambling to find ways to shore up shop, Microsoft is offering huge sums of money to patch-up potential vulnerabilities in its Windows 10 operating system. Launching its new Windows Bounty Program, the software giant has expanded its existing security bug bounty programs. Microsoft has previously paid out $100,000 for Windows 8.1 bugs, and this new scheme will see the software giant pay out far more for serious Hyper-V flaws in Windows 10 or Windows Server operating systems.
Microsoft will now reportedly pay up to $250,000 for fixes to severe Hyper-V vulnerabilities, and security bugs in Microsoft Edge or Windows 10 preview builds will fetch up to $15,000. “Security is always changing and we prioritize different types of vulnerabilities at different points in time,” a Microsoft spokesperson said. “Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities.”