Coverware Quarterly Ransomware report says that half of the ransomware attacks lead to data steal and transmission to remote servers. Also, the average pay for ransomware attacks happens to be $234,000 up from $100,000 at the same time last year.
Researchers from Coverware state that the increase in ransomware payments is because cyber crooks are only targeting multi-national enterprises and demanding huge sums to free up the locked data from encryption. Moreover, unsecured RDPs, targeting victims through phishing attacks and vulnerability exploitation has also added to the pay increase of Ransomware attacks.
“The only way to defend against such ransomware attacks is to create awareness among employees against email phishing, and raising the defense-line through threat monitoring solutions”, says the report.
Moreover, extortion tactics have also evolved in the past few years in ransomware attacks as hackers are seen selling the stolen data if in case, the victim denies paying a ransom. Also instead of targeting small companies, the threat actors are only hitting big companies that are into the healthcare and manufacturing sectors.
Coming to the leading file-encrypting malware variants, Sodinokibi or REVIL stands tall in the market share with 16.2%, followed by Maze with 13.6 percent followed by other ransomware packs such as Dopplepaymer (7.6%), CLOP (7.4%), and Lockbit at (6.3%). Ragnarlocker, Netwalker, Nemty, Nefilm, Egregor, Darkside also occupy their respective places with the following percentage in market share- 6.1%, 5.8%, 4.8%, 4.3%, 4%, and 3.2%.
Note- FBI is urging ransomware victims not to pay any ransom to the hackers in exchange for the decryption key as there is no guaranty that the bad guys will surely unlock the database after receiving the money.