Ransomware Payments Keep Soaring

Researchers with two separate security firms published reports on ransomware trends and the development of the ransomware threat landscape in the first half of 2021. To say the least, the figures are not encouraging at all and are grounds for serious reevaluation among potential victims and organizations.

Palo Alto Networks and Barracuda Networks published two separate reports dealing with trends and developments in ransomware in recent months. Everyone who has been keeping an eye on the threat landscape and has followed the big ransomware attacks in recent months can put two and two together and figure out the situation isn't pretty, but the reports give a laser-focused precision to the general feeling of unease over ransomware.

What immediately stands out in the reports is the massive spike in average ransom payment on a year-over-year basis. This has grown 82% compared against the same period in 2020 and has reached a juicy half a million dollars.

Ransomware attacks keep surging as a whole too. Barracuda's report lists 121 separate, documented and analyzed attacks taking place in the first six months of 2021. This represents an increase of over 60% compared to the same period of 2020 - ransomware threat actors seem to have no brakes.

The reports also highlight a new disturbing trend seen in ransomware attacks. While threat actors initially went from just asking for money to restore files to a two-pronged attack, threatening to leak exfiltrated info and records from the victim's servers, they have how upgraded to a four-way attack approach.

In addition to ransoming files and threatening to leak sensitive information, hackers have begun launching denial of service attacks on any websites operated by their victims and have started proactively contacting any customers and partnered entities of the victim, tooting their horn and announcing the attack, adding an element of harassment to the mix.

Another tactic that seems to have become a mainstay for ransomware groups in recent months is asking an exorbitant price for a decryption key, then negotiating down to something that might appear more reasonable to the victim. This sort of bargaining still pegs the final asking price in the millions, but has a psychological effect on the victims.

When it comes to geographical locations that are primarily targeted by ransomware gangs, the US is still at the top of the chart, with nearly half of all ransomware attacks that took place in the last six months targeting businesses, organizations and entities operating on US soil.

August 13, 2021