Ransom payments in ransomware attacks


Scientists call on German politicians to act in an open letter

Today, ransomware poses a serious threat to the German and European economies. A recent study commissioned by Germany’s digital industry association Bitkom estimates that data theft, espionage and sabotage cost the German economy approximately €223 billion in losses every year. The willingness of companies to pay ransoms has risen sharply. “On average, around 42 percent of all German companies pay the ransom demanded, usually to the tune of more than 250,000 euros,” explains Professor Eric Bodden, a computer scientist specialising in secure software engineering at Paderborn University and Director of Software Engineering and IT Security at the Fraunhofer Institute for Mechatronic Systems Design IEM. Compared with other courses of action, paying a ransom is often not only the financially more favourable option for companies; the payment can now even be planned for in the annual budget through a ‘cyber insurance’ policy. “Ransomware has been a highly organised crime for years. Victims’ willingness to pay is what has, unfortunately, made this criminal business model possible. Today, ransomware gangs run highly professional operations and are technically and methodically often far better positioned than the companies they attack. Profits from ransomware primarily go to states that Germany actually sanctions,” continues Bodden. The computer scientist has joined forces with a broad group of IT security experts to write an open letter to German politicians, calling on them to take action to prevent this.

Bodden explains: “A recent BBC report revealed that in 2021, 74 percent of all money made through ransomware attacks went to cyber-criminal gangs in Russia. Ransom payments thereby significantly weaken the current EU embargo on Russia.” The willingness to pay ransoms has become a massive geostrategic risk for Germany. “Ransom payments strengthen Germany’s geopolitical competitors and weaken the German economy and German state,” says Bodden. Instead of investing in improving their IT security, companies are paying ransoms, and consequently increasing the likelihood of further successful attacks against themselves and others. Bodden: “Instead of giving these billions of euro every year to organised crime and the states that are home to these criminal gangs, German companies should be investing this money in their IT security, to make it harder for further attacks to succeed and to let the criminal gangs’ financial flows run dry.”

The signatories are calling on German politicians to create a policy framework governing the payment of ransoms in the event of ransomware attacks.
“Apparently such payments are currently often even tax deductible. This means that we’re financing criminal gangs directly from the public purse,” says Bodden.
Companies and authorities that fall victim to an attack and pay the ransom should be obliged to report this. The signatories are also urging an end to insurance policies that cover ransom payments. Instead, they propose promoting policies that cover the loss of revenue caused by an attack and any recovery measures. In addition, the scientists are calling on politicians to push for measures that will, in the future, provide German companies with methods and technologies that will enable them to meet the IT security requirements placed on them effectively and as cost-effectively as possible. However, they also want companies that find themselves in financial difficulties as a result of attacks to be provided with appropriate support.

About the petition: https://ransomletter.github.io/