Articles about Ransomware

The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021.

The latest Sophos State of Ransomware report also reveals that the average ransom paid is now $170,404, but that only eight percent of organizations managed to get back all of their data after paying a ransom, with 29 percent getting back no more than half of it.

Continue reading →

You would think that getting to work for a ransomware gang would be a bit different from applying for a normal IT job.

However, after following up a post on a forum a researcher at CyberNews managed to get an interview with the Ragnar Locker ransomware operators which reveals a surprisingly corporate approach to recruitment and remuneration as well as uncovering some of how the gangs operate.

Continue reading →

IT security teams have faced a range of challenges in the last year thanks to dramatically expanded work-from-home programs, increased BYOD use, and rising internal and third-party risks arising from the COVID-19 pandemic.

The latest Cyberthreat Defense Report from CyberEdge shows 86 percent of organizations experienced a successful attack, up from 81 percent the previous year, the largest year-on-year increase in six years.

Continue reading →

The latest State of Email Security report from Mimecast, based on a study of over 1,200 IT and cybersecurity leaders, shows businesses faced unprecedented cybersecurity risks in 2020.

Ransomware impacted 61 percent, a 20 percent increase over last year's report, while 79 percent say their companies experienced a business disruption, financial loss or other setback in 2020 due to a lack of cyber preparedness.

Continue reading →

Imagine, for a moment, that you own a small business -- say, a regional dairy farm producing milk, ice cream, yogurt, and other products. And, like so many companies in the food manufacturing sector, you get hit by ransomware. You can’t access any of the data you need to run your business -- so you don’t know which products to ship, where to ship them, what prices you’ve negotiated, who’s paid and who hasn’t… everything is locked up. And, the clock is ticking -- you can’t tolerate extended downtime or products will spoil and customers will defect to other vendors.

The ransomware threat actor wants $50,000 to give you the decryption keys for your data. Your cyber insurance company tells you to just pay the ransom and they’ll cover most of it, as long as it doesn’t violate the rules set up by the US Treasury Department’s Office of Foreign Assets Control (OFAC) against paying ransom to gangs or nation states that are under economic sanctions. But, they do some research and determine the ransomware threat actor would fall under these rules, so they rescind the recommendation and will only partially offset what would be an enormously expensive IT consulting engagement to restore the systems in an acceptable period of time.

Continue reading →

Ransomware attacks grew by 485 percent in 2020 compared to 2019. Attacks in the first and second quarters accounting for 64 percent of all attacks or 19 percent higher than the first two quarters of 2019.

This is one of the findings of the latest Consumer Threat Landscape report from Bitdefender. which also shows that IoT devices with proprietary operating systems were responsible for 96 percent of vulnerabilities even though they account for only 34 percent of consumer devices.

Continue reading →

Fileless malware attacks were up nearly 900 percent in 2020 and cryptominers grew by 25 percent, but ransomware payloads dropped by 48 percent compared with 2019.

These are findings of the latest internet security report from WatchGuard Technologies which is based on endpoint threat intelligence following WatchGuard's acquisition of Panda Security in June 2020.

Continue reading →

Historically ransomware has relied on encrypting data and then demanding money in order to release it.

But a new report from F-Secure shows that 2020 has seen an increase in ransomware that also steals data, giving the attackers more leverage over their victims. If organizations first refuse to pay a ransom to decrypt their data, attackers threaten to leak the stolen information, increasing pressure on victims.

Continue reading →

Cybercriminals are using more sophisticated ransomware tactics and more dangerous variants, like Ryuk, to earn an easy payday. This has seen a 62 percent increase globally and a 158 percent spike in North America since 2019.

The latest Cyber Threat Report from SonicWall highlights how COVID-19 has provided threat actors with opportunities for more powerful, aggressive and numerous attacks, thriving on the fear and uncertainty of remote and mobile work forces navigating corporate networks from home.

Continue reading →

The last quarter of 2020 saw a 10,000 percent increase in ransomware activity according to a new report from managed security services provider Nuspire.

The company's latest Year in Review Threat Landscape Report -- sourced from its 90 billion traffic logs -- outlines new cybercriminal activity and tactics, techniques and procedures.

Continue reading →

A new study from cybersecurity company Deep Instinct, finds that last year malware increased by 358 percent overall and ransomware increased by 435 percent as compared with 2019.

The report which analyzes millions of attacks taking place across the year finds distribution of the Emotet malware skyrocketed by 4,000 percent, while malware threats attacking Android phones increased by 263 percent.

Continue reading →

Most organizations have a severe lack of visibility into remote endpoints according to a new report, which poses additional risks as more people work from home.

In addition, few have a way to stop ransomware from spreading throughout their network after an initial breach, according to the study from zero trust specialist Illumio.

Continue reading →

Ransomware made up 81 percent of all financially motivated cyberattacks in 2020, according to a new report from Atlas VPN.

The remainder of attacks comprised a variety of approaches including point-of-sale intrusions, eCommerce attacks, business email compromise, and cryptocurrency mining.

Continue reading →

2020 has seen cybercriminals step up their efforts to exploit the surge of people working from home, as well as seeking to exploit news and information about the pandemic.

This is a notoriously difficult area to predict, but what do experts think we’ll see happening in 2021?

Continue reading →

Paying off a bad actor for successfully implementing ransomware into an organization is the enterprise equivalent of rewarding a bad child who vandalized a home with candy -- but unfortunately, many organizations often have no choice but to pay… and pay a lot.

Technology has enabled asymmetric attacks. In other words, one attacker can federate an attack across many organizations. The attacker needs to get the attack right once -- while the defenders (corporations, governments, hospitals, etc.) need to get their defense right every… single… time!

Continue reading →