Ransomware Costs Double as Attacks Increase in Downtime and Sophistication

With payouts as much as $780,000, new data shows ransomware threat actors are going after organizations of every size, doing more damage and asking for more money.

It’s definitely not good news – larger ransoms are a leading indicator that the bad guys are getting better at their craft and are being paid handsomely for it. According to Coveware’s just-released Q4 Ransomware Marketplace Report, the average cost of a ransom jumped from around $41K in Q3 of 2019 to just above $84K in Q4! That’s more than double in a quarter!

Ransomware strains like Ryuk and Sodinokibi are targeting larger organizations, looking for the big payouts, while Ransomware-as-a-Service strains like Dharma, Snatch, and Netwalker are largely responsible for attacks on SMBs.

But, wait… there’s more bad news.

According to the report, the number of days a ransomware incident lasts jumped from a little over 12 days in Q3 of 2019 to just over 16 days in Q4 – that’s a 33% increase in downtime!

Ok… now the “good” news.

The decryption success rate remains flat at around 98%, so most organizations are able to get their data back, with a data loss rate of only 3%.

In actuality, it’s all bad – you’re going to be down longer, pay more, and lose the same amount of data during decryption. According to the report, the top two attack vectors remain RDP compromise and phishing. Best practice dictates that the resolution for RDP is simply to make these connections inaccessible from the Internet. Phishing, on the other hand, is a more complex issue, requiring employees to participate in the organization’s security through Security Awareness Training so they can spot suspicious emails before they click on a malicious link or attachment and help start a ransomware attack.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 21 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!
