Ransomware Demands And Payments Reach An All-time High

Share post:

The average ransom payment in the first half of 2021 reached a record $570,000, an 82% increase from 2020, according to Palo Alto Networks’ Unit 42. 

A report by the threat team of Palo Alto Networks, Unit 42, focuses on how and why ransomware prices have soared in the past year.

The average actual ransom payment reviewed by Unit 42 in the first half of 20201 was $5.3 million, a whopping 518% increase over the 2020 average of $847,000. The highest demand that was seen in the same period was $50 million, up from $30 million in 2020.

The highest confirmed payment so far in 2021 was the $11 million that meat processing company JBS Foods was able to pay after an attack by REvil, surpassing the highest payment of $10 million received by Unit 42 in 2020.

Why have ransom demands skyrocketed exponentially? One trigger cited by Unit 42 is the quadruple extortion tactic.

  • Encryption: In this phase, the companies concerned pay the attackers to decrypt the encrypted data of their breached computer systems.
  • Release of the data: At this stage, the attackers threaten to make the sensitive data public if the ransom is not paid. The organization is forced to pay the ransom, even if it has backups of the encrypted files.
  • Denial of service attacks: In this scenario, the attackers launch denial of service attacks to shut down the public websites of a victim until the ransom is paid.
  • Harassment: At this stage, the cybercriminals contact customers, business partners, employees and the news media to warn them of the attack, causing the victim severe embarrassment.

As ransom demands and payments continue to rise, Unit 42 recommends that organizations focus on preventing such attacks.

“Keeping your organization safe from falling victim to a ransomware attack requires a fundamental shift away from detection and remediation toward preparation and prevention,” said John Martineau, principal consultant for Unit 42. “This means reducing the attack surface, such as closing the remote desktop protocol (RDP) to the internet and instead using a virtual private network (VPN) with multi-factor authentication (MFA) enabled, preventing known threats, and identifying and preventing unknown threats through security technologies like XDR.”

For more information, read the original story in TechRepublic.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Critical Vulnerability Leaves Millions Of Sites Vulnerable To Takeover

A severe authentication bypass vulnerability has been discovered in the WordPress plugin "Really Simple Security" (formerly *Really Simple...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways