A new report has emerged stating that average ransomware payments jumped by more than 171% in 2020, suggesting that cybercriminals have benefitted from an extremely lucrative period throughout the pandemic.
The numbers come from Palo Alto Networks, who noted an 171% increase in ransomware payments from organisations and individuals that had been hit by the malicious software.
In essence, malicious software like ransomware takes control of a user’s computer, and encrypts the data. This encryption leaves the data on that device locked up, and can only be made accessible again once a password – or decryption tool – is offered by the hacker in question.
Hackers are happy to make these tools available to their victims, so long as they pay a price.
According to the report in question, that price has been skyrocketing as cybercriminals look to exploit those impacted by ransomware software that often have sensitive private and corporate information stored on their device.
That report was published recently after analysing more than 19,000 network sessions, data from more than 250 ransomware leak websites and thanks to information provided by 337 organisations that had been hit by a ransomware attack.
The Ransomware Threat Report 2021 states that on average, ransoms paid by victims to hackers has increased from USD $115,123 to more than $312,000 in 2020.
Authors of the report say that they noted the largest ransomware payment paid to hackers had also doubled, from $5 million to more than $10 million.
These hackers are, according to the report, demanding larger ransom payments from their victims, with some of the largest cybercriminal networks demanding $30 million in the space of a year.
One of the most notorious variants of ransomware, Maze, is said to have demanded $4.8 million from victims in 2020, which was four-million more than the $847,344 average of ransomware types.
The U.S. is currently the country most targeted by ransomware attacks, with Canada taking second place, and Germany and the UK rounding out the top-four.
According to the report, cyber criminals are increasingly targeting the healthcare sector and workforces that have moved to remote working for their campaigns.
The authors of the report also warned that costs of ransomware attacks extend far further than the initial ransomware payment. Costs for remediation and ‘forensic engagement’ in the aftermath of a cyber attack or ransomware infection are said to average more than $70,000.
Depending on the sector, these incident response costs were even larger, with the technology sector experiencing a rise of more than 65% for forensic response costs. The authors warned that these costs alone “would incapacitate many businesses.”
According to a report from InfoSecurity Magazine, “Universal Health Services, Sopra Steria and Cognizant all revealed massive losses exceeding $60 million as a result of operational outages, lost custom and other factors,” in the immediate aftermath of a ransomware attack.