Ransomware attackers have deviated slightly from requesting payment in Bitcoin to now more often requiring Monero and Ethereum. Bitcoin, as of January 11, 2018, is going for roughly $14k per coin, while Ethereum and Monero going for roughly $1000 and $400, respectively.
Recently there have been a few major ransomware attacks that were business oriented that requested 50 Bitcoin as payment. Fifty of anything doesn’t sound like a lot until you realize that Bitcoin, at its peak, was worth $17,549.67 USD, which brings the cost of 50 Bitcoin up to $877,483.50. Any company that is willing to spend nearly one million dollars to trust some random attacker to decrypt their data, which is never recommended, either has way too much money or they are begging to be labeled the only company in existence to pay that much for a ransom. The results of such a payment would mean their company name, server information, network information, and vulnerabilities blasted all over the Darknet.
Many experts believe that the recent ransomware attacks accepting other forms of payment is because those cryptocurrencies are beginning to get increased credibility and more expensive. To play Devil’s Advocate there might be a different reason. Any ransomware that is requesting even one Bitcoin for decryption probably won’t get paid in the end because few people have over $10,000 sitting around and are also willing to part ways with it. Ransomware that asks for 5 Ethereum or 50 Monero has a much better chance at succeeding simply due to the lower cost to the entity affected. Fifty Monero is a paltry $2,000 USD when compared to the cost of a single Bitcoin.
If someone pays the ransom they will become the target for future attacks because the attackers know they will pay. The best way to get people to pay is to lower the cost of decryption. The best kind of business is repeat business, and the best defense to this kind of extortion is properly securing your systems.