Cybercriminals Groups and “as a Service” threat actor affiliates alike seem to be doing well, according to a new report on the state of ransomware from Palo Alto Networks’ Unit42.
I never like to read yet another report with industry data that says the ransomware gang is thriving; it means organizations aren’t taking the problem seriously. But, according to Unit42’s recently released Ransomware Threat Report 2022, last year saw massive increases across the board:
- The average ransom demand increased by 144% - from $900K in 2020 to $2.2 million in 2021
- The average ransom payment increased by 78% - from $303K in 2020 to $541K in 2021
- The number of victim organizations whose names and proof of compromise were published to data leak sites increased 85%
According to the report, one of the reasons we’re seeing these “successes” is the technical “lowering of the bar” via ransomware-as-a-service; with ransomware developers being so innovative and building out comprehensive attacks for their affiliates, just about anyone can be a super villain these days.
Just as I’ve said it countless times before, the researchers at Unit42 point to vulnerabilities, remote access attacks, and phishing as the primary attack vectors for ransomware attacks, making this growing problem one that can be relatively easily thwarted. Close any Internet-facing remote access, put a true vulnerability management and threat hunting program in place, and leverage Security Awareness Training to minimize the risk users pose by unwittingly falling for email and web-based social engineering attacks.