MADRID, 9 Ago. – –
Average payout for ‘ransomware’ has risen 82 percent in the first half of the year, an increase that is linked to employing increasingly aggressive tactics to force organizations to pay larger ransoms, such as the so.called ‘quadruple extortion’ that can involve everything from encryption and data theft to the closure of the victim’s website or harassment.
The ransomware crisis continues to intensify as criminal companies increase investment in highly profitable ransomware operations, as highlighted by Palo Alto Networks’ security consulting group Unit 42.
Company data shows an increase of the “quadruple extortion”, a trend identified by Unit 42 consultants while monitoring dozens of ‘ransomware’ cases in the first half of 2021, as explained in a statement sent to Europa Press.
This trend means that ransomware operators often use up to four techniques to pressure victims for them to pay. The best known is encryption, for which they pay to regain access to encrypted data and compromised computer systems, which stop working because key files are encrypted.
But they also effect data theft, causing cybercriminals to disclose confidential information if a ransom is not paid, or launch denial of service attacks (DDoS) that shut down the victim’s public websites.
To this is added harassment; Cybercriminals contact customers, business partners, employees, and the media to inform them that the organization has been hacked.
From the cybersecurity company they point out that it is “rare” for an organization to be a victim of the four techniques. However, its analysts have seen how ransomware gangs use different approaches when victims don’t want to pay. That’s double what appeared in Unit 42’s Ransomware Threat Report in 2021, which covered 2020 trends and pointed to double encryption as an emerging trend.
As they adopt these new approaches to extortion, the ‘ransomware’ gangs become more greedy. Average demand for a bailout increased 518 percent in the first half of 2021, reaching 5.3 million dollars (4.5 million euros), compared to the 2020 average that was 847,000 dollars (about 720,000 euros).
The highest single victim ransom demand ever counted by Unit 42 consultants reached $ 50 million (nearly € 43 million) in the first half of 2021, topping the $ 30 million figure (about $ 26 million). euros) reached last year.
Additionally, REvil recently tested a new approach to offer a universal decryption key to all organizations affected by the Kaseya attack, for a price of 70 million dollars (60 million euros), although it quickly reduced it to 50 million. Kaseya eventually obtained a universal decryption key, but it is unclear what amount was paid, if any.
The company indicates that the average payment for ‘ransomware’ has increased 82 percent in the first half of the year, reaching a record $ 570,000 (about 485,000 euros). The increase comes after last year’s average payment rose 171 percent, topping $ 312,000 (just over € 265,000).
The largest confirmed payment so far this year has been $ 11 million (9.35 million euros), according to the data revealed by JBS SA after a massive attack in June. Last year, the largest payment observed by the cybersecurity company was 10 million (about 8.5 million euros).