Average Ransomware Payment Grew 104% in a Single Quarter
A new report from Coveware has shown that the average ransom payment made by an organisation, government body or individual to a cybercriminal has more than doubled in a single quarter, while the average time a website or network was down grew by a number of days.
The news comes via Coveware’s “Ransomware Marketplace” report, which shows that, on average, the payment made to the person or group holding a system for ransom grew to USD $84,116, up 104% from the previous three months.
Coveware also states that “in Q4 of 2019, average downtime increased to 16.2 days, from 12.1 days in Q3 of 2019. The increase in downtime was driven by a higher prevalence of attacks against larger enterprises, who often spend weeks fully remediating and restoring their systems. Established enterprises have more complex networks, and restoring data via backups or decryption takes longer than restoring the network of a small business.”
The report also states that additions to Ryuk ransomware now allow it to turn on a device that was perhaps compromised and switched off by an IT worker to minimise the damage, which greatly magnifies the impact of the attack. “Ransomware is typically detonated during the night or early morning hours when oversight from security admins is limited. Infiltration during off-peak hours means that most machines are not running as the workday is over and most employees are gone. This feature turns their machines back on so that the number of encrypted endpoints is maximised,” the report adds.
“Some variants such as Ryuk and Sodinokibi have moved into the large enterprise space and are focussing their attacks on large companies where they can attempt to extort the organisation for a seven-figure payout. For instance, Ryuk ransom payments reached a new high of $780,000 for impacted enterprises,” the report stated.
“On the other end of the spectrum, smaller ransomware-as-a-service variants such as Dharma, Snatch, and Netwalker continue to blanket the small business space with a high number of attacks, but with demands as low as $1500.”
According to InfoSecurity Magazine’s Phil Muncaster, “98% of organisations that paid a ransom received a decryption key, and those victims successfully decrypted 97% of their data. However, with multi-million-dollar ransoms now commonplace, the official advice is still not to give in to the hackers’ demands, especially as it will lead to continued attacks.”