Report: Ransom Costs for Stolen Data Rose 200% From 2018 to 2019

Published at: June 8, 2020

On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019.

According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123.

The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums.

Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to a ransomware attack which resulted in the theft of 1.5 terabytes of sensitive data from the firm and its partners.

The highest ransom that Crypsis has seen since 2015 was $5 million, paid by a healthcare organization. 

The highest ransom ever demanded was $15 million dollars, after hackers had stolen data from a data center and solutions provider.

The attack vectors

Crypsis also reveals that in 50% of ransomware infections, the attack vector was the remote desktop protocol.  The report explains that “when enabled, RDP allows users to remotely connect to other Windows-based devices or networks.” When RDP is implemented in inadequate ways it can become an easy attack vector.

The second leading attack vector cited in the report is social engineering, usually email phishing or spearphishing. Social engineering refers to techniques that manipulate people rather than just computers to obtain the desired goal, such as information useful to infect the systems.

Phishing is the practice of sending messages — usually emails — with malicious intent, often including malware as an attachment. While phishing is usually sent en masse to great numbers of people, spearphishing attacks are targeted towards the recipient, with personalized content meant to make the message more convincing.

Tags
Related Posts
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
LG and Mitsubishi Hit by Ransomware Attacks, Data Leak ‘Coming Soon’
Two ransomware gangs reportedly attacked the electronics giant, LG, and Japanese multinational car manufacturer, Mitsubishi. The hackers are now threatening both companies with data leaks. Screenshots posted to the gang’s blog show several files, as well as source code from the attack. No official statement from LG yet As of press time, the electronics giant has not addressed the incident officially. A statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer. However, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, stated that the alleged proofs don’t …
Technology / June 26, 2020
Celebrities May Have Their Dirty Secrets Exposed if Crypto Ransom Is Unpaid
The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery. Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000. Two days …
Technology / June 24, 2020
Spanish Railway Infrastructure Threatened by Ransomware
Ransomware gang REvil stole over 800 GB of data from ADIF, the Spanish state-owned railway infrastructure manager, after a successful attack deployed on their systems. According to El Español, the authorship of the cyberattack belongs to the well-known ransomware group after they published a post on the official darknet website of REvil on July 22, who boasted of adding another victim. The cybercriminals claimed to have caught over 800 GB in data from the servers of ADIF, although it’s not confirmed how they managed to breach the security of the railway infrastructure manager based in Madrid. REvil didn’t disclose major …
Technology / July 25, 2020
Major Argentine Telecom Falls Victim to $7.5M Monero Ransomware Attack
Telecom, Argentina's largest telecommunications company, has fallen victim to a ransomware attack. Hackers are demanding $7.5 million in Monero (XMR) — an amount that will rise to $15 million if the company does not pay within 48 hours. Argentina's major telephone company, Telecom, just got hacked. Hackers requesting a ransom of $7.5 million in Monero. $XMR pic.twitter.com/AGNvAXh1cg — Alex Krüger (@krugermacro) July 19, 2020 According to El Tribuno, the ransomware attack, which specifically affected Telecom’s call center, took place on July 18. The ransomware was ultimately contained by the Argentinian conglomerate’s IT workers. In a statement issued to local media …
Technology / July 20, 2020