Ransomware Demands And Payments Reach An All-time High

Share post:

The average ransom payment in the first half of 2021 reached a record $570,000, an 82% increase from 2020, according to Palo Alto Networks’ Unit 42. 

A report by the threat team of Palo Alto Networks, Unit 42, focuses on how and why ransomware prices have soared in the past year.

The average actual ransom payment reviewed by Unit 42 in the first half of 20201 was $5.3 million, a whopping 518% increase over the 2020 average of $847,000. The highest demand that was seen in the same period was $50 million, up from $30 million in 2020.

The highest confirmed payment so far in 2021 was the $11 million that meat processing company JBS Foods was able to pay after an attack by REvil, surpassing the highest payment of $10 million received by Unit 42 in 2020.

Why have ransom demands skyrocketed exponentially? One trigger cited by Unit 42 is the quadruple extortion tactic.

  • Encryption: In this phase, the companies concerned pay the attackers to decrypt the encrypted data of their breached computer systems.
  • Release of the data: At this stage, the attackers threaten to make the sensitive data public if the ransom is not paid. The organization is forced to pay the ransom, even if it has backups of the encrypted files.
  • Denial of service attacks: In this scenario, the attackers launch denial of service attacks to shut down the public websites of a victim until the ransom is paid.
  • Harassment: At this stage, the cybercriminals contact customers, business partners, employees and the news media to warn them of the attack, causing the victim severe embarrassment.

As ransom demands and payments continue to rise, Unit 42 recommends that organizations focus on preventing such attacks.

“Keeping your organization safe from falling victim to a ransomware attack requires a fundamental shift away from detection and remediation toward preparation and prevention,” said John Martineau, principal consultant for Unit 42. “This means reducing the attack surface, such as closing the remote desktop protocol (RDP) to the internet and instead using a virtual private network (VPN) with multi-factor authentication (MFA) enabled, preventing known threats, and identifying and preventing unknown threats through security technologies like XDR.”

For more information, read the original story in TechRepublic.

Featured Tech Jobs


Related articles

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Sidebar: The powerful Digital Safety Commission

A look at the powers of the proposed five-person body charged with overseeing the Online

Cyber attack on Hamilton knocks out municipal phone, email

One of Ontario’s biggest cities is in the second day of dealing with a cyber attack. Hamilton, a municipality of about 570,000 on the shore of Lake Ontario, said Sunday it had suffered a city-wide phone and email “disruption” to municipal and public library services, which included the Bus Check Info Line and the HSRNow

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways