Time is an important factor in making the decision whether or not to pay. Ransomware often displays a countdown on the screen, trying to force people into action before they have a chance to change the minds. For example, CryptoLocker would increase its ransom to a hefty 10 BTCs after a certain deadline ($100,300 USD at the time of this writing). What could ransomware authors do to increase the price their demands? Increase the time pressure. There is a reason that ransomware is especially scary for the healthcare industry: Ransomware accounts for 72 percent of malware incidents (DBIR). What if it takes over a patient’s insulin pump? Or worse, stays dormant while taking control of cardiopulmonary bypass? The consequences could be dire. Look around your home. Ransomware could target your IoT-controlled HVAC system, stay dormant, and turn off cooling or heating only when extreme weather conditions are detected. These are not new types of attacks, but if the next generation of ransomware is smart and stays dormant for an extended period of time, time, as a decision-making factor, could become more important. As many security companies are using machine learning (ML) to improve their defensive mechanisms, attackers are doing the same – and using ML to learn when is the right time to strike could have horrible consequences.