Median Ransomware Payment Jumps 50% as Mid-Market Becomes More Targeted



Changes in attack tactics in the last quarter alone demonstrate a shift in focus for ransomware gangs, as the number of companies attacked with 100 to 1,000 employees grows.

Everyone always thinks it’s “the other company” that gets attacked; another vertical, another geo, another size, etc. But the reality is, every organization is a potential target and it’s only a matter of time until it’s your organization’s turn.

New data from Coveware’s Q3 Quarterly Ransomware Report shows that targeting of the lower end of mid-market organizations (those between 100 and 1,000 employees) has risen significantly from Q2 to Q3 this year. According to the data, this grouping of companies has grown in focus by 13%. This comes at a time when the median ransomware payment has increased by 50% to over $71K and the average has grown only slightly to nearly $140K. And with 83% of all ransomware attacks threatening to publish exfiltrated data, it’s likely organizations are facing tough decisions when it comes to paying these increased ransoms.

The primary attack vectors in the mid-market as a whole continue to be RDP compromise and phishing attacks – making it fairly easy for these organizations to put protective measures in place to address the majority of ransomware attacks:

  • RDP – kill basic Remote Desktop access that is Internet-facing. Put additional factors in place like VPN/SASE, MFA, and even Zero Trust solutions to minimize the risk of inappropriate access.
  • Phishing – block malicious content with email filtering, sandboxing, endpoint protection, and Security Awareness Training to include users as part of your propped-up defense.
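As an added example (not from the article, Coveware, or KnowBe4), one way to check the first recommendation is to audit an exported firewall rule set for inbound allow rules that reach RDP from non-internal address space. The rule schema and the sample rules are hypothetical and constructed for illustration; rule ordering and deny precedence are not modeled.

```python
import ipaddress

RDP_PORT = 3389  # RDP listens on 3389 over TCP, and UDP for the UDP transport

# Address space treated as internal: RFC 1918, loopback, link-local, IPv6 ULA.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

def is_internal(cidr):
    """True only if the whole source range sits inside internal space."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == i.version and net.subnet_of(i)
               for i in INTERNAL_NETS)

def covers_rdp(rule):
    """True if the rule's protocol and port range include the RDP port."""
    lo, hi = rule["ports"]
    return rule["protocol"] in ("tcp", "udp", "any") and lo <= RDP_PORT <= hi

def exposed_rdp_rules(rules):
    """Return (rule name, non-internal sources) for inbound allow rules
    that reach RDP. Single public IPs are reported too, for review."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or rule["direction"] != "inbound":
            continue
        if covers_rdp(rule):
            public = [s for s in rule["sources"] if not is_internal(s)]
            if public:
                findings.append((rule["name"], public))
    return findings

def R(name, direction, action, protocol, ports, sources):
    return dict(name=name, direction=direction, action=action,
                protocol=protocol, ports=ports, sources=sources)

# Constructed sample rule set (hypothetical schema, documentation addresses).
SAMPLE_RULES = [
    R("rdp-any", "inbound", "allow", "tcp", (3389, 3389), ["0.0.0.0/0"]),
    R("mgmt-range", "inbound", "allow", "tcp", (3000, 4000),
      ["10.20.0.0/16", "203.0.113.0/24"]),
    R("rdp-vpn", "inbound", "allow", "tcp", (3389, 3389), ["10.8.0.0/24"]),
    R("all-v6", "inbound", "allow", "any", (0, 65535), ["::/0"]),
    R("web", "inbound", "allow", "tcp", (443, 443), ["0.0.0.0/0"]),
    R("rdp-deny", "inbound", "deny", "tcp", (3389, 3389), ["0.0.0.0/0"]),
    R("rdp-out", "outbound", "allow", "tcp", (3389, 3389), ["0.0.0.0/0"]),
]

if __name__ == "__main__":
    for name, sources in exposed_rdp_rules(SAMPLE_RULES):
        print(f"{name}: RDP reachable from {', '.join(sources)}")
```

Wide port ranges and "any protocol" rules are the cases most often missed in manual review, which is why the check matches on range coverage rather than an exact port.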

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware


