Ransomware Trends in 2021
If you know what ransomware attacks are, then you would be wise to pay attention to the latest ransomware trends. You might be wondering if some of these trends will represent a sign of good things to come for you and your business. After all, if ransomware attacks are on the decline, that would be great news. Well, we hate to burst your bubble, but the trends you will read about below couldn’t be farther away from hope on the horizon.
Increased ransom costs and more frequent attacks are only the start of the ransomware trends that have sprung up over the past year. It’s hard to be optimistic, but the good news is that this article isn’t being written to create optimists. Sorry, but this article was written to inform business decision-makers and keep them up to date on a very real and dangerous threat to businesses around the globe.
COST OF RANSOMWARE TO COMPANIES
Companies need to be aware of just how much damage ransomware attacks can do to their businesses. The estimated total damages to companies last year were a staggering 20 billion dollars. That number represents a 300% increase in the damages realized by companies that experienced ransomware attacks. The average ransomware payment is 174,200 dollars, with the highest payment on record being 4.5 million dollars.
Ransomware damages aren’t limited to the ransom payout. The cost of downtime caused by these attacks isn’t mentioned nearly as much as it should be when we talk about the cost of ransomware. The average cost of downtime from a ransomware attack is 274,200 dollars, and the downtime lasts for 23 days. Downtime costs related to ransomware are on average nearly 50 times greater than the ransom requested, participants in the survey said.
Top 5 Company Ransomware Payouts
- CWT Global
In July of 2020, Carlson Wagonlit Travel (CWT Global) was hit by a ransomware attack. The attack shut down all the company’s systems. The payment was close to 4.5 million dollars. This is the highest ransomware payment ever made by a company.
- Colonial Pipeline
The Colonial Pipeline Company stated on May 7, 2021 that it had become a victim of a cybersecurity attack, more specifically a ransomware attack. The attack forced the company to take some systems offline, disabling the pipeline. The company paid out 4.4 million dollars in bitcoin to the attacker.
- Brenntag
In May of 2021, chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to regain access to encrypted files and to prevent the gang from publicly leaking stolen data.
- Travelex
Travelex, a London-based foreign currency exchange that conducts business around the world, paid a ransomware gang 2.3 million dollars to regain access to its data following an attack on New Year’s Eve. The attack caused the company’s customer service department to shut down for weeks.
- The University of California at San Francisco
The University of California, San Francisco (UCSF) paid a total of 1.14 million dollars in ransom money to recover data related to what it called “important” academic work. The data was encrypted after the NetWalker ransomware gang reportedly hit the UCSF medical school.
RANSOMWARE TRENDS IN 2021
Ransomware is the fastest growing form of cyber-attack
If you were wondering whether ransomware is the fastest growing form of cyber-attack, you aren’t alone. It seems like ransomware has been trending in the media since the Colonial Pipeline attack. But are these attacks really becoming more common? To answer this question, we need look no further than the events that played out over the previous year. Cyberattacks rose at an alarming rate over this past year due to the huge shift to remote work. While all types of attacks rose, ransomware attacks took the cake in 2020. Ransomware attacks were up an unbelievable 150% last year, according to the Harvard Business Review.
Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021. This does not include attacks on individuals, which occur even more often than attacks on businesses. Ransomware trends like this are overly concerning, especially when these attacks cost companies huge sums of money. What do you do if you can’t stop ransomware?
Spear Phishing Campaigns
Spear phishing campaigns have become the go-to strategy ransomware thugs use to attack their victims. Adversaries will pick an intended target, then customize an email message that matches their potential victim’s region, demographic, industry, etc. to make it as believable as possible. This sharply contrasts with regular phishing, which takes a broad-strokes approach of sending bulk emails to massive lists of naive contacts. Unsuspecting users will then click a link or download an attachment that results in malware infection.
Additional Threats or Pressure to Add Urgency to Payment.
Traditionally, ransomware criminals would demand a ransom, and until it was paid you would not be able to access your data. However, these criminals have begun to up the ante with stronger threats in order to speed up payment. For example, an attacker may say that for every hour in which the payment is not received, valuable company data will be deleted or leaked publicly.
Companies Are Opting to Pay Ransomware Attackers More Often.
70 percent of businesses infected with ransomware paid the ransom to get their data back. This is most likely due to the consequences of not doing so. Often the risk of losing the data is less of a contributing factor than the fear of public opinion should word get out. The loss of data isn’t the biggest risk; the fact that it was leaked can hurt your business more, especially if individuals start to question your ability to protect their data privacy. Some organizations have gone public with their ransomware infections in an attempt to let customers and the public know what they were dealing with. But many others keep the compromises secret to avoid public humiliation and the loss of customer confidence.
However, law enforcement agencies, including the FBI, and security experts recommend that ransomware victims not pay, for several reasons. First, there’s no guarantee that the attacker will hand over the decryption key. Second, the profits from ransomware help fund other cybercrime operations.
Latest Ransomware Trends Include Legal Consequences from Paying Ransom.
In October of 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory warning. The warning was issued to cyber insurers, financial institutions, and other organizations that help with ransom payments to cybercriminals. The warning essentially stated that paying these criminals ensures these attacks will continue in the future. OFAC also stated within this advisory warning that this type of enabling behavior may be in violation of OFAC regulations.
OFAC issued guidelines with details on the types of penalties that can be assessed against an organization for violating U.S. economic sanctions laws. The dollar amount for possible civil penalties ranges from $1,000 to $307,922 depending on the amount of the ransom payment. In contrast, criminal penalties can include fines ranging from $50,000 to $10 million. They can even include imprisonment ranging from 10 to 30 years for willful violations.
NEW RANSOMWARE TRENDS ARE CONCERNING
Ransomware attacks are soaring: not only are they becoming more common, but they are also getting more expensive. As an organization, you should not take the recent trends surrounding ransomware attacks lightly. The threat to your organization’s reputation and financial health alone should have you taking the necessary preventative measures. Now, with the increase in legal ramifications, organizations need to face the music and protect themselves accordingly, as the risks are far too high to take chances.