Ransomware demands up by 43% so far in 2021, Coveware says



Ransomware hacking groups are getting greedier.

The average demand for a digital extortion payment shot up in the first quarter of this year to $220,298, up 43% from the previous quarter, according to a quarterly report from Coveware, a ransomware response firm. The median payment, too, jumped up 58% from $49,450 to $78,398.

The majority of ransomware attacks in the first quarter also involved theft of corporate data, a continuation of a trend of ransomware actors increasingly relying on exfiltration and extortion demands. Seventy-seven percent of ransomware attacks included the threat to publish stolen data in the first quarter of this year, which is up 10% compared to the last quarter of 2020, Coveware found.

The report comes as the U.S. government is working to improve law enforcement actions targeting the infrastructure that supports ransomware gangs. In recognition that extortion demands are an increasingly popular approach, the U.S. Department of Justice just stood up a taskforce meant to tamp down on ransomware attacks in the hopes of reducing costs to U.S. victims.

Coveware found that, so far this year, fewer victims were paying out ransom demands. But with extortion attempts on the rise, victims may feel tempted to pay up, even if they are better off avoiding the exchange of currency entirely, Coveware advises.

“Over hundreds of cases, we have yet to encounter an example where paying a cyber criminal to suppress stolen data helped the victim mitigate liability or avoid business / brand damage,” the company wrote in its report. “On the contrary, paying creates a false sense of security, unintended consequences and future liabilities.”

In what is likely to be welcome news for law enforcement officials, some ransomware groups appeared to encounter problems in their attack campaigns and running “criminal enterprise at scale” in the first quarter, according to Coveware.

The Conti group, for instance, was attacking victims it had already targeted, a move which runs counter to an organization interested in getting victims to cough up ransom demands, researchers found. Sodinokibi, which was the most common strain found in ransomware attacks last quarter, encountered technical problems in their attacks, while law enforcement entities’ takedown of Netwalker infrastructure apparently ground those operations to a halt.

A whole slew of hurdles in tackling ransomware gangs remains, however.

Average downtime following a ransomware attack grew 10% in the last quarter to 23 days, according to the report. And although hackers were relying on spearphishing as a way to launch their ransomware attacks through much of 2020, gangs are increasingly switching to exploiting vulnerabilities in Remote Desktop Protocol services and in software to breach victim networks, Coveware found.

Part of the challenge law enforcement officials face is keeping up with an evolving threat landscape and array of actors who utilize different techniques.

One ransomware group, known as Clop, for instance, has been particularly active in the most recent quarter, Coveware found. But although Clop ransomware infections were the fourth most common last quarter, in the previous quarter attacks with Clop didn’t rank among even the top ten.

Ransomware gangs in general switched up their target set last quarter as well, and have increasingly been going after victims in the professional services industry, namely law firms, per the report.
