Ransomware, a phenomenon now very well known, serves one ultimate and obvious purpose:

  • Monetary gain for the cybercriminal(s).

However, multiple scenarios are, in fact, possible. Consider any and all of the following:

Closing thoughts

As we’ve seen, ransomware can serve a plethora of purposes; whether it is deployed by a nation-state actor, the more common cybercriminal, or your neighbor disgruntled at your tree hanging over their wall, one thing is for sure: you are, and have been compromised!

In more recent years, targeted ransomware has become a common phenomenon, this means ransomware either tailored to your environment, or manually installed – the latter often via hacked RDP or VNC services.

The most famous example is no doubt Samas, also known as SamSam:

https://www.bleepingcomputer.com/news/security/samas-ransomware-group-made-at-least-450-000/

Other examples include: CrySiS and derivatives, RSAutil and PetrWrap. 

While targeted ransomware attacks are occurring as early as 2013, in most recent years, they have become more fearful, due to the ransomware also encrypting files.

Conclusion: ransomware is and will always be ransomware – but it may have a twist and an additional purpose.

Source: https://bartblaze.blogspot.com/p/the-purpose-of-ransomware.html?m=1