With payouts as high as $780,000, new data shows ransomware threat actors are going after organizations of every size, doing more damage and asking for more money.
It’s definitely not good news – larger ransoms are a leading indicator that the bad guys are getting better at their craft and are being paid handsomely for it. According to Coveware’s just-released Q4 Ransomware Marketplace Report, the average cost of a ransom jumped from around $41K in Q3 of 2019 to just above $84K in Q4! That’s more than double in a quarter!
Ransomware strains like Ryuk and Sodinokibi are targeting larger organizations in search of big payouts, while Ransomware-as-a-Service strains like Dharma, Snatch, and Netwalker are largely responsible for attacks on SMBs.
But, wait… there’s more bad news.
According to the report, the number of days a ransomware incident lasts jumped from a little over 12 days in Q3 of 2019 to just over 16 days in Q4 – that’s a 33% increase in downtime!
OK... now the “good” news.
The decryption success rate remains flat at around 98%, so most organizations are able to get their data back, with a data loss rate of only 3%.
In actuality, it’s all bad – you’re going to be down longer, pay more, and lose the same amount of data during decryption.
According to the report, the top two attack vectors remain RDP compromise and phishing. Best practice dictates that the resolution for RDP is simply to make these connections inaccessible from the Internet. Phishing, on the other hand, is a more complex issue, requiring employees to participate in the organization’s security through Security Awareness Training so they can spot suspicious emails before they click on a malicious link or attachment and help start a ransomware attack.