The cyber landscape continues to be increasingly favorable for hackers and other assorted criminals who initiate hacks and intrusions into peoples’ computers, mobile devices, and the apps and services they use on all that hardware.
It’s not just that the attack surface for things like data breaches keeps getting larger, with a growing number of people tethered to devices and to the digital grid after a year of working from home because of the coronavirus pandemic. The attacks themselves continue to capitalize on peoples’ stupid mistakes, as well as tried-and-true methods of digital sabotage, all of which are also helping make at least some of those attacks, in the ransomware sphere, more profitable to execute than ever. In fact, new research shows that the average ransom paid by victims of ransomware attacks has almost tripled over the past 12 months.
That’s according to researchers at Palo Alto Networks, who studied ransomware attacks that targeted entities across North America and Europe. Among the data the researchers found was the fact that the average ransom paid by the victims in order to receive a decryption key that unlocks their networks was up 171% last year.
The 2021 threat report from Unit 42, a global threat intelligence team at Palo Alto Networks, notes that: “The average ransom paid for organizations increased from US $115,123 in 2019 to $312,493 in 2020, a 171% year-over-year increase. Additionally, the highest ransom paid by an organization doubled from 2019 to 2020, from $5 million to $10 million.” Cybercriminals are also getting greedier, the report continues.
From 2015 to 2019, the highest ransomware demand was $15 million. But in 2020, while the world was still reeling from the public health and financial effects of the coronavirus pandemic, the highest ransomware demand grew to $30 million.
We’ve covered a number of threats and attacks in recent months here at BGR that are often crimes of opportunity, with hackers seeing what they can get away with and going after the low-hanging fruit of victims who make dumb errors, but it’s not hard to see why attackers are increasingly gravitating to ransomware attacks. Indeed, Palo Alto Networks vice president of public sector John Davis said in an interview recently that ransomware is one of the “top threats in cybersecurity,” for at least two big reasons:
“Organizations around the world are being held hostage by ransomware, and many are being forced to pay cybercriminals because they’re not equipped to combat the threat for varying reasons, from a lack of recoverable backups to the cost of downtime outweighing the cost of paying the ransom,” Davis said.
One of the most nettlesome bad actors in this regard is/was the ransomware family called NetWalker. Per Palo Alto Networks, NetWalker leaked data from 113 organizations around the world from January 2020 to January of this year, more than any other ransomware family. In January 2021, the US Department of Justice announced a “coordinated international law enforcement action” to disrupt NetWalker, which the department said has impacted victims including businesses, hospitals, municipalities, law enforcement agencies, school districts, colleges, and more. Attacks have specifically gone after the healthcare sector during the COVID-19 pandemic, “taking advantage of the global crisis to extort victims.”