As widespread ransomware attacks continue to rise, research says that the average ransom paid to criminals by victim organisations tripled in the last 12 months.
Cybersecurity researchers found that the average ransom paid following ransomware attacks targeting organisations across North America and Europe increased to $312,493 in 2020, while in 2019 the amount paid in exchange for a decryption key to unlock encrypted networks was $115,123.
This figure represents a 171% year-over-year increase, emboldening cybercriminals to pursue such amounts.
In one instance in 2020, cybercriminals demanded a $30 million ransom, double the previous highest attempted demand of $15 million in previous years.
Ransomware remains an effective tool for cybercriminals because many organisations remain poorly equipped to deal with the threat, leading many victims to give in to extortion demands and pay a Bitcoin ransom in the hope they’ll get the decryption key required to restore their network.
This has been helped along by the rise of additional extortion tactics, such as when cybercriminals encrypt and steal data, threatening the victim with publishing the stolen information if the ransom isn’t paid. In some cases, this leads to organisations that could restore the network without paying the ransom giving in to the blackmail and paying up anyway.
The continued success of attacks has led to some ransomware gangs becoming extremely bold with demands – and it’s paying off. Before 2020, the highest ransom demand paid to cybercriminals stood at $5 million, but during the past year, that has doubled, with data in the report suggesting that one victim paid a ransom of $10 million to cybercriminals following a ransomware attack.
And given the continued success of ransomware attacks – and the emergence of successful new variants of ransomware and easy-to-use ransomware-as-a-service schemes – it’s unlikely that cybercriminals will slow down any time soon.
“Ransomware is one of the top threats in cybersecurity,” said John Davis, vice president of public sector at Palo Alto Networks.
“Organizations around the world are being held hostage by ransomware, and many are being forced to pay cybercriminals because they’re not equipped to combat the threat for varying reasons, from a lack of recoverable backups to the cost of downtime outweighing the cost of paying the ransom,” he added.
Ransomware groups including Ryuk, Egregor, DoppelPaymer and many others continue to plague organisations around the world in 2021, but with the right cybersecurity strategy, it’s possible to defend against attacks.
Phishing emails remain a common means of cybercriminals infiltrating networks, so researchers recommend that employees should receive training to identify threats.
It’s also recommended that remote desktop services should be secured with strong passwords and multi-factor authentication to protect against brute force attacks, while security patches should be applied to stop attackers from taking advantage of known vulnerabilities.
Organisations should also regularly store backups of the network – and do so somewhere offline – so if the worst happens and hackers do issue a ransom demand, the network can be restored without lining cyber criminals’ pockets.