Ransomware payments hit a new record in 2021 as more and more data is offered on the dark web. Recent study by Palo Alto Networks Unit 42 shows average ransom demand up 144 percent to $2,2 million, average payment up 78 percent to $541.010.
Ransomware payments hit new records in 2021 as cybercriminals increasingly turn to dark web leak sites. By threatening to release sensitive data, they pressure their victims to make them pay. Palo Alto Networks (NASDAQ: PANW), the global leader in enterprise cybersecurity, reports Unit 42 in the study released today.
Ransom demands increase by 144 percent
The average ransom demand for cases handled by Unit 42, Palo Alto Networks' IT security analysts, rose 2021 percent in 144 to $2,2 million. The average payment increased by 78 percent to $541.010 over the same period, according to the latest 2022 Unit 42 Ransomware Threat Report.
“In 2021, ransomware attacks disrupted everyday activities that people around the world take for granted — from grocery shopping and fueling their cars to calling 42 and getting medical attention,” said Jen Miller-Osborn, Deputy Director of Unit XNUMX Threat Intelligence.
Ransomware group Conti most active
Ransomware group Conti was responsible for most of the activity, accounting for more than one in five cases Unit 42 analysts dealt with in 2021. REvil (aka Sodinokibi) was second at 7,1 percent, followed by Hello Kitty and Phobos (2 percent each). Conti has also published the names of 4,8 companies on its dark web leak site, more than any other group.
The report details how the cyber extortion ecosystem grew in 2021 with the emergence of 36 new ransomware gangs. He documents how criminal groups invested windfall profits into developing tools that are easier to use in attacks that increasingly exploit zero-day vulnerabilities.
Leaks: Company data published 2.566 times
The number of victims whose data was published on leak sites increased by 42 percent to 2021 companies in 85, according to analysis by Unit 2.566. About 60 percent of leaksite victims were located in the Americas, followed by 31 percent in Europe, the Middle East and Africa, and 9 percent in the Asia-Pacific region. The vertical industries most affected were professional and legal services, construction, wholesale and retail, healthcare and manufacturing.
Detailed commentary, analysis, and breakdowns of activity by region, industry, and ransomware group are included in the 2022 Unit 42 Ransomware Threat Report, available for download on the Palo Alto Networks website.
More at PaloAltoNetworks.com
About Palo Alto Networks Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.