A new report, on ZDNet, states that the largest ransomware demand now stands at $30 million. In addition, the average ransom paid in exchange for a decryption key to unlock encrypted networks rose from $115,123 in 2019 to $312,493 in 2020. This represents a 171 percent year-over-year increase.
From these data is becoming evident that cyber criminals are making more money than ever as a result of ransomware attacks.
Furthermore, according to new analysis from Jeff Brown, CEO at Open Systems, we should expect more of the same in 2021. Invariably the demand is for a ransom to paid in a cryptocurrency like Bitcoin. While many companies publicly say that they do not give in to hackers, behind the scenes the evidence is that more often than not ransoms are paid in order to free inaccessible data.
Brown tells Digital Journal that: “Successful ransomware attacks begin long before victims receive demands from the cybercriminals. They start with an initial breach which grows as the cybercriminals methodically expand throughout the network to locate and access the victim’s critical data. It’s during this initial breach phase that companies have the best chance to stop the attack before it takes hold – possibly limiting it to just a single compromised device.”
This may be so, however Brown says that “businesses need to know as soon as possible that a breach has occurred in order to contain it so early in the cyber kill chain.”
There is a technical knowledge issue, though. Here Brown indicates: “Unfortunately, it’s extremely difficult for businesses – most of which are not cybersecurity experts – to continually monitor for breaches, particularly given the global shortage of cybersecurity talent they need, which makes it extremely challenging for them to contain the deluge of cyberattacks coming their way.”
Consequently, Brown recommends: “Organizations that need assistance addressing ransomware and other cyberthreats can get the expertise and responsiveness they need by partnering with a managed detection and response provider. An experienced MDR provider can efficiently and effectively identify and contain cyberthreats on the enterprise’s behalf based on a pre-authorized playbook.”
