Average Ransomware Payment Rises Again

COVID-19 continues to create opportunities for the “bad actors” to wreak havoc. In this week’s blog we discuss the latest security concerns created by the COVID-19 pandemic, specifically around Ransomware. This quarter saw a 33% increase in ransom from Q1 2020, with average payment requirement of $111K! It’s the seventh straight quarter that system hijackers have reaped more money and shows that this security breach continues to grow. Compare this to the previous numbers we shared in which the average ransom in Q4 2019 had increased from $84,116 reflecting a staggering increase from $41,198 in Q4 2018.

2020 Findings for Quarter #1 (Q1):

Ransomware Attack Vectors:

  1. RDP Compromise remains at 60%
  2. Email Phishing rose to 26%
  3. Software Vulnerability dipped to 10%.
    **Poorly secured Remote Desktop Protocol (RDP) access points continued to be the most common attack vector in the last two quarters.

Targeted Companies/Industries:

  1. Companies in the Professional Services Industries are the most commonly targeted
  2. Healthcare Companies
  3. Public Sector entities – schools, government
  4. Software Services Companies

Average Size of Companies Targeted by ransomware:

  1. The median company size victimized was 62 employees for Q1, 2020, a 2.5% rise from Q4, 2019.

Average Downtime From Ransomware Attack:

  1. The average downtime for a business compromised was 15 Days

In addition, Cybercriminals are now weaponizing sensitive data to increase pressure on their ransomware victims. More than just asking for a ransom to gain access to your data, they are now threatening to sell your data. Of note is that 99% of ransomware attackers demanded their ransom be paid in Bitcoin; the remaining 1% asked to be paid in Dash or other privacy coins. This has created even more issues and downtime for many companies as they had to scramble to set up BitCoin accounts. (Typical time to set up a BitCoin account is 2-days)

If You Haven’t Done so Previously, Now Is the Time to Evaluate Your Security Risk

Ransomware attacks are becoming more sophisticated and cybersecurity professionals are taking action. With the right tools, you can prevent, detect and respond quickly to ransomware attacks threatening your organization. Clare Computer Solutions offers a suite of security solutions to mitigate your risks. Cyber-extortionists will stop at nothing to steal your business data. Companies victimized by phishing emails and ransomware seek immediate assistance. Talk to your Account Manager or Virtual CIO to discuss your options for a greater security posture.