Palo Alto Networks Reports Average Ransomware Ransom Payments Up 71% This Year, Nearing $1 Million
Palo Alto Networks has tracked and evaluated how the ransoms actually paid after ransomware attacks are developing.
As thousands of cybersecurity professionals gather in San Francisco for the annual RSA conference, it's a good time to take a quick look at the ransomware activity Palo Alto Networks has observed so far in 2022.
On average, companies pay US$925,162
The numbers are staggering: The average ransomware payment in cases handled by Unit 42 incident responders rose to $925,162 in the first five months of 2022, approaching an unprecedented $1 million mark, a 71 percent increase compared to last year. That's before the additional costs incurred by the victims, including the cost of repairing the damage, downtime, damage to reputation, and other damages.
$300,000 in 2020 – now almost a million
These costs are frightening when you look at how they have developed. The average payment in cases handled by Unit 42 consultants was approximately $300,000 in 2020. It's hard to believe that in 2016 most of the transactions the consultants dealt with were $500 or less.
Every day, on average, data from seven new victims is published on the dark web leak sites that ransomware gangs use to force victims to pay ransoms. Known as "double extortion," this technique increases the pressure on victims by adding a layer of public humiliation to the difficulty of losing access to files: the leak sites identify victims and share purported snippets of sensitive data stolen from their networks. The observed rate of double extortion means a new victim emerges every three to four hours, according to Unit 42's ongoing analysis of the leak site data.
Cyber extortion remains the #1 threat
The cyber extortion crisis continues as cyber criminals relentlessly introduce increasingly sophisticated attack tools, extortion techniques and marketing campaigns that fuel this unprecedented global tide of digital crime. At the same time, the ransomware-as-a-service (RaaS) business model has lowered the technical barrier to entry by making these powerful tools, with user-friendly interfaces and online support, accessible to even inexperienced cyber extortionists.
The consequences can be devastating: the Costa Rican government has been the victim of ransomware attacks several times this year, including in May when healthcare service delivery was disrupted. The 157-year-old Lincoln College shut down last month after a ransomware attack cut access to all university records and disrupted admissions for fall 2022 - a hard blow to an institution already recovering from the pandemic.
Individual cases drive up the extortion profits
This year's spike in payments was spurred by two multimillion-dollar ransom payments: one to an emerging group, Quantum Locker, and one to LockBit 2.0, which has been the most active ransomware gang on double extortion leak sites so far this year. Unfortunately, Unit 42 consultants have no reason to believe that extortion gangs will stop demanding millions of dollars in payments. Cases in which companies could be driven into bankruptcy if they do not pay are particularly critical.