The average ransomware payment soared by 171% year-on-year in 2020 as cybercrime gangs queued up to exploit the pandemic, according to a new report from Palo Alto Networks.
The security vendor’s Unit 42 division compiled its Ransomware Threat Report 2021 from analysis of over 19,000 network sessions, 252 ransomware leak sites and 337 victim organizations.
It revealed the average ransom paid rose from $115,123 in 2019 to $312,493 in 2020, while the largest payment doubled from $5m to $10m. It also claimed that cybercrime gangs are getting greedier, with the largest demand doubling over the same time period to $30m.
Maze was notable in demanding an average of $4.8m in 2020, much higher than the average of $847,344 across all ransomware families last year.
However, the ransom payment itself is just one portion of the total losses victim organizations might suffer. Palo Alto Networks claimed the average cost of a forensic engagement was $73,851 last year, but in some sectors incident response costs rocketed. The tech sector saw a 65% increase year-on-year, for example.
Even when backups are a viable option for victims, these costs “would incapacitate many businesses,” the report warned.
In fact, victims who decided not to pay up last year, such as Universal Health Services (UHS), Sopra Steria and Cognizant, all revealed massive losses exceeding $60m as a result of operational outages, lost custom and other factors.
Like others, Unit 42 explained that ransomware groups adapted their tactics last year to target remote workers and sectors, such as healthcare, that were likely to have been hard hit by the pandemic.
It also claimed that the NetWalker group, since disrupted by law enforcement action early this year, was responsible for a third (33%) of double-extortion data leaks.
Unsurprisingly, the US accounted for the majority of victims last year, followed by Canada, Germany and the UK.