Ransomware is a 21st century take on an old-school crime.
It’s a simple play. Crooks take something you need or love. You get it back when you pay the ransom. (Except instead of taking your annoying kid, hackers hold your private data hostage.)
Unlike the good old days (when criminals targeted wealthy folks who could pony up a briefcase full of Washingtons at a moment’s notice), these crooks are zeroing in on regular folks like you and me.
With modern tech, hackers can attack thousands of people at once.
Each payout may not be huge, But by skimming just a few hundred dollars from regular, middle-class folks here and there, hackers can bank a million-dollar payday in a single attack.
And there’s zero the risk. (I think I might be subconsciously convincing myself to become a hacker.)
Here’s how it goes down:
- Hackers infect your computer with a virus, effectively locking you out of your data.
- If you don’t pay a ransom (in bitcoin to avoid tracking) by a certain time, your data is destroyed.
- Turning off your computer will destroy the data immediately. And even the best IT guys can’t unlock the data.
Ransomware has been around since Madonna was singing Like a Virgin (1989. Take that to next week’s pub quiz). But it’s only really caught on in the last few years when hackers started to refine the process.
As it turned out, the key to success (much like the key to dating) was “lower your expectations.” Hackers found that the lower the ransom amount, the more likely someone was to pay.
After some tinkering and testing, these nerds found the sweet spot.
For individuals that’s about $500. While for businesses they could demand thousands or tens of thousands of dollars, depending on the size of the business.
And so ransomware flourished:
- Ransomware losses for businesses average $2,500 for each incident.
- On average, businesses are willing to shell out upwards of $50,000 to decrypt their data.
- Ransomware is costing businesses more than $75 billion per year.
- FedEx lost $300 million in the NotPetya ransomware attack. The company didn’t have cybersecurity insurance.
- Ransomware and other cybercrimes are projected to cost the global economy $6 trillion per year by 2021. (That’s a whopping 7.5% of the total value of the world economy.)
Now, the vast majority of these attacks are coming from one place. And they tend to happen in higher volume around certain events. Which strangely enough, presents a weird opportunity for investors to make money.
Stalin’s Zombie Hackers Target Hospitals
The sinister element of ransomware is not how victims are targeted, it’s whothey target.
Ransomware hackers steal data from regular folks, big businesses, and small businesses. However, the industry hit hardest by ransomware by far is healthcare.
Lives depend on the data kept by hospitals, which means they’ll always pay the ransom.
But there’s another more sinister reason that hospitals have become a major target.
According to the Department of Homeland Security, 75% of all ransomware is created in Russia — and almost all of it is developed by government-trained hackers.
You see, Russia has a different perception of hackers than we do.
File footage of real hackers.
Back in the 90s, while the FBI was rounding up hacker kids and throwing them in federal prison, Russia was running government-backed hacker schools, training up the next generation of cybercriminals.
Why would Russia train up a generation of criminal nerds?
Well, Russia’s entire approach to education is a little “different” than our own.
Russian engineers and scientists come from polytechnic schools established by Joseph Stalin himself. These schools are built on a foundation of a total rejection of ethics. (Just like Hollywood agents.)
Stalin believed ethics would hold back Russian engineers. Students in these schools are told to throw their moral compass in the trash and pursue progress at all costs. Russia’s hackers are educated in these very same schools.
Basically, these guys are trained to be ***holes. You mash that together with Russia’s policy on propaganda (create confusion, sew doubt) and you have a toxic concoction.
Targeting a hospital is a win-win situation in their mind.
Either the hospital pays up and the Kremlin banks a nice payday. Or the hospital doesn’t pay, the data is destroyed, and the resulting damage undermines America’s stability.
Strangely enough, these attacks are focused on very specific dates that are easy to predict if you know what to look for.
A Mother’s Day Present from Putin
The most common type of ransomware is a simple email.
Open that email and click the link — bam, you’re infected.
They have your data and you’re not getting it back unless you pay them.
Hackers entice folks to click these links with promises of money, gifts, and mystical erectile dysfunction cures.
Now, most folks know not to click links in strange emails. (Unless they really need that erectile dysfunction cure.)
But, through a little trial and error, hackers have discovered certain times of year when people are more likely to click a dodgy link.
Times of years when your loved ones might be expecting a surprise gift in their email…
WannaCry: A worldwide ransomware attack that infected more than 200,000 computers in 150 countries, causing billions of dollars in damages.
Date of attack? Mother’s Day.
GandCrab: A ransomware capable of identifying Russian users and ignoring them.
Date of worst attack? Valentine’s Day.
I’m sure you see where I’m going with this. Most of the worst ransomware attacks over the past few years have happened on or close to gift-giving holidays when people are more likely to open emails they might otherwise be suspicious of.
So, what has this got to do with investing?
Well, anytime one of these major attacks happens, investors pile into certain cyber-security stocks, causing them to pop almost overnight.
If you bought one of those stocks before an upcoming holiday… say the upcoming Mother’s Day… you could bank yourself a quick and easy profit when the inevitable ransomware attack occurred.