Ransomware’s big jump: ransoms grew 14 times in one year

Ransomware has become one of the most insidious threats in the past couple of years, with actors scaling up their operations to the point that the average ransom demand increased more than 10 times in one year.

There are well over a dozen operators in the ransomware-as-a-service (RaaS) game, each with a host of affiliates that focus on enterprise targets across the world.

Since the infamous GandCrab group called it quits in mid-2019, the ransomware landscape has changed drastically. The RaaS model they introduced is now the norm, paving the way for professional attackers with a clear strategy for making money.

In a report today, cybersecurity company Group-IB analyzed how this threat changed in just one year since 2018. Over that period, ransomware operators adopted a wider range of initial access vectors, increased their ransom demands, and started to steal files from victims before encryption, giving them further leverage to force a payment.

According to the report, ransomware attacks in 2019 increased by 40%, and the focus on larger targets drove the average ransom price from $6,000 to $84,000, with Ryuk and REvil (Sodin, Sodinokibi) being two of the greediest families.

In 2020, though, the price has risen even further. Data from Coveware, a company that handles ransomware incidents, shows that the average ransom in the first quarter of the year reached $111,605. Ryuk and REvil continue to be responsible for this increase in the average ransom.

Among the most common intrusion techniques that the Singapore-based company observed in its incident response engagements, drive-by compromise via exploit kits (EKs), external remote services (mainly RDP), and spear phishing were at the top of the list.

Phishing is also used regularly to gain initial access to a company’s network. Typically, botnets that distribute malicious emails, such as Emotet, Trickbot (Ryuk), or QakBot (ProLock, MegaCortex), are used to obtain access to the target network.

New-school security awareness training can create a culture of security within your organisation, enabling your employees to identify phishing emails and instilling in them the importance of multi-factor authentication.

With thanks to the Cyber Defence Alliance and Bleeping Computer. The full story is here:

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here’s how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)

  • Select from 20+ languages and customise the phishing test template based on your environment

  • Choose the landing page your users see after they click

  • Show users which red flags they missed, or a 404 page

  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management

  • See how your organisation compares to others in your industry

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:
