Ransom payments have nearly tripled

In 2020, ransomware targeted the manufacturing sector, healthcare organizations, and construction companies, with the average ransom reaching $312,000, a report finds.

Ransomware gangs aimed to bilk business victims of even more money in 2020, causing the average ransom paid by companies to jump 171% to more than $312,000.

A new report from Palo Alto Networks — which uses data from ransomware investigations, data-leak sites, and the Dark Web — found 337 victims in 56 industries, with manufacturing, healthcare, and construction companies suffering 39% of ransomware attacks in 2020. In addition, ransom demands skyrocketed during the year, doubling both the highest ransom demand — to $30 million—and the highest-known paid ransom, $10 million. The average victim paid more than $312,000, almost a third of the average demand.

The ransoms will likely continue to rise this year, because the ransomware groups are innovating to stay ahead of defenders, says Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks’ Unit 42 threat research group.

“The attackers will continue to evolve, and figure out new ways to make money,” she says, adding that “it is a totally different [threat] landscape, especially in the last year or so, where we have seen the amount of ransoms double.”

Other research has documented similar surges in ransomware payments. In January, blockchain analysis company Chainalysis found that ransoms paid using cryptocurrency surged 311% in 2020 and approached a grand total of $350 million. However, by the end of the year, ransomware payments had begun to decline, seemingly due to a lack of confidence on the part of the victims that attackers would help them recover their data and delete any stolen copies, according to research by Coveware.

To read the complete article, visit Dark Reading.