Skip to content

The ransom costs required by the stolen data increased by 200% from 2018 to 2019

June 8, 2020

On average, The ransomware demanded by ransomware hackers in cryptocurrencies increased by 200% from 2018 to 2019.

According to a report by the cyber security company Crypsis Group on June 5 The average ransom amounts claimed by cryptocurrency ransomware groups in 2019 reached USD 115,123.

By contrast, the average number of redemptions required rose by 300% from the first quarter of 2018 to the last quarter of 2019and reached more than USD 21,700. According to the Crypsis Group, the ransom required has increased as hackers are increasingly targeting companies and selecting victims who are able to pay higher amounts.

The ransom costs required by the stolen data increased by 200% from 2018 to 2019The ransom costs required by the stolen data increased by 200% from 2018 to 2019

Cointelegraph reported this only yesterday ST Engineering Aerospace’s US subsidiary fell victim to a ransomware attack that stole 1.5 terabytes of sensitive data from the company and its partners.

The highest bailout Crypsis has recorded since 2015 was $ 5 million, paid for by a health organization.

The highest ransom ever asked was $ 15 millionafter hackers stole data from a data center and a solution provider.

Attack vectors

Crypsis shows that too In 50% of ransomware infections, the attack vector was the remote desktop protocol. The report explains that “When RDP is enabled, users can remotely connect to other Windows-based devices or networks.” If RDP is not implemented properly, it can become a simple attack vector.

The second most important attack vector mentioned in the report is social engineering, usually email phishing or spear phishing. Social engineering refers to techniques that manipulate people and not just computers to achieve the desired goal, such as useful information for infecting systems.

Phishing is the practice of sending messages, usually emails, maliciously, which often include malicious software as an attachment. While phishing is often sent in bulk to a large number of people, spear phishing attacks target a recipient, with personalized content intended to make the message more compelling.

Do not stop reading: