New data from Group-IB has revealed that ransom demands have soared from $8,000 in 2018 to $84,000 last year.
In the whitepaper titled “Ransomware Uncovered: Attackers’ Latest Methods”, the Singapore-based security vendor reported an increase of ransomware by 40%, and ransomware demands by an overwhelming 950%.
Ryuk, DoppelPaymer and REVil were labelled as the “greediest ransomware families with highest pay-off”, with REvil demanding $800,000 on occasion.
According to Group-IB, 2019 saw an increasing number of threat actors opting to focus their attacks on larger targets, often using sophisticated APT-style tactics at times including trojans such as Dridex, Emotet, SDBNot, and Trickbot to compromise victims. Threat actors were also found to be utilising post-exploitation frameworks such as PowerShell Empire, Koadic, and Cobalt Strike to obtain information on the targeted network.
The number one initial threat vector were phishing emails, followed by RDP compromise and websites infected with exploit kits.
“The year of 2019 was marked by ransomware operators enhancing their positions, shifting to larger targets and increasing their revenues, and we have good reason to believe that this year they will celebrate with even greater achievements. Ransomware operators are likely to continue expanding their victim pool, focusing on key industries, which have enough resources to satisfy their appetites,” said Group-IB senior digital forensics specialists, Oleg Skulkin.
“The time has come for each company to decide whether to invest money in boosting their cybersecurity to make their networks inaccessible to threat actors or risk being approached with ransom demand and go down for their security flaws.”
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.