A ransomware threat analysis from Palo Alto Networks has revealed that ransomware infections and demands for money have skyrocketed in 2020, as this type of malware cements its position as the number one threat facing businesses today.
Palo Alto Networks’ threat intelligence team, Unit 42, issued their analysis this week and found that the average ransomware payment paid by organisations in 2020 increased from $115,123 in 2019 to $312,493. A substantial increase of 171%.
These numbers demonstrate a worrying inevitability; that those who develop and distribute ransomware know that organisations are willing to fork out lots of money to get their important files back and as such are continuing to raise their ransoms to extort as much money as possible.
But not only are cyber crooks raising their ransoms. They’re also fine-tuning their extortion techniques. More ransom demands are not only threatening organisations with the prospect of losing all their files, but also with the threat of having particularly sensitive files leaked to the public or the organisation’s competitors. This again leads to organisations willing to pay out even more money for the ransomware crooks to go away.
2020 saw other records broken as well. The highest ransom that was actually paid by an organisation doubled from $5 million in 2019 to $10 million in 2020. And the highest demand for payment rose to $30 million, highlighting just how emboldened these crooks have become.
And if you believed there was any thread of decency left hiding somewhere in the dark side of ransomware distribution, you’d be wrong. It is no coincidence that the healthcare sector was the hardest hit in 2020, with crooks knowing that organisations within this sector were less likely to be able to accept being locked out of their systems for any period of time amid the on-going COVID-19 pandemic.
Sponsored Content. Continued below...
Ransomware still remains a big threat for home users as well, with emails containing harmful attachments still prolifically targeting both personal and business email addresses.
Teaching employees about harmful email attachments and good password habits, keeping your software up-to-date and not using unsupported software, effective security software for your organisation’s network and maintaining a current and separate back-up remain among the most effective methods of protecting yourself against ransomware infections.
However this threat analysis will highlight one alarming trend. Ransomware, and indeed ransomware-as-a-service, is getting worse, and every organisation with any meaningful presence on the Internet will need to take appropriate precautions against it or risk falling victim to a potentially expensive ransomware attack.