Ransomware attacks have continued to increase in 2021, creating challenges for individuals and organizations throughout the world. Major victims of recent attacks include Apple, Colonial Pipeline and the Washington DC Metropolitan Police Department. Many individuals have also been victims of ransomware attacks, resulting in very high costs, both in the ransoms themselves and the disruption of services they cause.
Ransomware is a type of malware in which the perpetrator prevents you from accessing your data until you pay a specified amount of money. The most common approach is to encrypt the data and promise to provide the encryption key once the ransom is paid. Historically, the perpetrator would delete the data or render the decryption key unusable if the ransom wasn’t paid by a certain date. However, cyber criminals have discovered that most organizations are more concerned with the publication of data than its destruction. As a result, it’s now much more common for these criminals to publish data if the ransom isn’t paid by the deadline.
Trends
Ransomware attacks have dramatically increased in both frequency and ransom amounts since the beginning of the COVID-19 pandemic. Six Degrees reports that the number of attacks has increased by 400 percent during this period, along with a 104 percent increase in ransom from the third to the fourth fiscal quarter of 2020. Ransoms are expected to rise even more quickly as hackers increase their focus on an organization’s critical assets.
Costs
Cybersecurity Ventures predicts that the total cost of ransomware will reach $20 billion by the end of 2021, as compared to $8 billion in 2018 and $11.5 billion in 2019 based on input from experts in academia and industry. PurpleSec reports that Bitcoin is the most common payment method, accounting for nearly half of all ransoms. Additional cryptocurrencies used to pay ransoms include Dogecoin, Ethereum and Litecoin, although Bitcoin generally provides the greatest anonymity for attackers.
Fifty-six percent of ransomware victims pay the ransom, according to Kaspersky. However, 17 percent of those who do are never able to access their data. People between the ages of 35 and 44 are most likely to pay the ransom, with a payment rate of 65 percent. Those over the age of 55 are least likely to pay, at a payment rate of only 11 percent.
Targets
Ransomware attacks target an average of 7,690 organizations or individuals each day, according to PurpleSec. Bank Info Security reports that 50 to 70 percent of ransomware victims in the US are small to medium-sized enterprises (SMEs).
A system’s risk of ransomware attacks is highly dependent upon operating system (OS). Windows OSs are the most popular target by far, accounting for 85 percent of attacks. Only seven percent of these attacks are against MacOS users, with 5 percent against Android. iOS has the lowest risk of the major OSs, at three percent of the total.
Current statistics on malware attacks clearly show a rapid growth in this type of cyber crime. The driving force behind this trend is that both individuals and organizations are generally willing to pay large sums to avoid the possible consequences of failing to do so.
cost flickr photo by CreditDebitPro shared under a Creative Commons (BY) license