Ransomware Attacks Are Growing More Costly and Effective by the Day

Stu Sjouwerman | Mar 17, 2021

Ransomware Growing More Costly EverydayThe availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game.

I love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report from threat intelligence firm Group-IB entitled Ransomware Uncovered 2020-2021 sheds some much needed light on the current state of not just attacks, but the specific methods and techniques used in today’s ransomware attacks.

According to the report:

  • The average ransom in 2020 was $170,000; up from $80,000 in 2019
  • The average dwell time on a victim network was 13 days
  • The average downtime resulting from an attack is 18 days

Digging a bit deeper…

  • Almost one-third (29%) of attacks start with phishing
  • Almost two-thirds (64%) of attacks are via Ransomware-as-a-Service

There are two very frightening predictions in this report.

“More actors will focus on gaining access to enterprise networks for resale purposes.”

and

“Some threat actors may abandon the use of ransom-ware and instead focus on exfiltrating sensitive data for extortion.”

Think about it what all this means: more hackers will be looking to simply gain compromised access to your environment to sell it to the would-be cyberattackers who have access to even more effective and readily-available RaaS.

This is bad news, indeed.

As the bad guys ramp up their efforts to make more money off of victim organizations, it’s equally important that you begin increasing your security stance against these kinds of attacks – specifically focusing on the phishing aspect of attacks by putting employees through new school Security Awareness Training. By continually educating users about cyber attack methods and scams, they are more prepared to spot one before they’ve made the mistake of engaging with it and putting the organization at risk.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.