Ransomware Demands Soared 950% in 2019

Security

Ransomware operators had another standout year in 2019, with attacks and ransom demands soaring according to new data from Group-IB.

The Singapore-based security vendor claimed that, after a relatively quiet 2018, ransomware was back with a vengeance last year, as attack volumes climbed by 40%.

As large enterprises became an increasing focus for attacks, ransom demands also soared: from $8,000 in 2018 to $84,000 last year. That’s a 950% increase.

The “greediest ransomware families with highest pay-off” were apparently Ryuk, DoppelPaymer and REvil, the latter on occasion demanding $800,000.

As mentioned, last year saw an increasing number of attackers focus their efforts on larger targets, often using sophisticated APT-style tactics, according to Group-IB. This included trojans such as Dridex, Emotet, SDBBot, and Trickbot to compromise victims and post-exploitation frameworks such as Cobalt Strike, CrackMapExec , PowerShell Empire, PoshC2, Metasploit, and Koadic to gather info on the targeted network. Data theft also became a popular way to force payment.

Phishing emails continued to be the number one initial threat vector, alongside RDP compromise and websites infected with exploit kits, the security vendor added.

“The year of 2019 was marked by ransomware operators enhancing their positions, shifting to larger targets and increasing their revenues, and we have good reason to believe that this year they will celebrate with even greater achievements,” said Group-IB senior digital forensics specialist, Oleg Skulkin.

“Ransomware operators are likely to continue expanding their victim pool, focusing on key industries, which have enough resources to satisfy their appetites. The time has come for each company to decide whether to invest money in boosting their cybersecurity to make their networks inaccessible to threat actors or risk being approached with ransom demand and go down for their security flaws.”

Ransomware operators have indeed picked up where they left off at the end of 2019, launching a blizzard of attacks against firms struggling to adapt to mass remote working, as well as hospitals fighting COVID-19.

According to Coveware, the average ransom paid in the first three months of the year surged by 33% quarter-on-quarter. However, contrary to Group-IB’s analysis, it claimed that despite the “big game hunting” narrative, most victims are likely to be SMBs.

The average number of employees in ransomware victims was 625 in Q1, with the median a much smaller 62.

Products You May Like

Articles You May Like

How to watch Rocket Lab launch satellites for Canon, Planet and more live
California reportedly launches antitrust investigation into Google
Apple says it’s ‘committed’ to supporting Thunderbolt on new Macs after Intel details latest version
Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers
Daily Crunch: Uber confirms Postmates acquisition

Leave a Reply

Your email address will not be published. Required fields are marked *