Almost half of all ransomware victims are hit again by the same attacker

midian182

Posts: 6,912   +62
Staff member
Why it matters: Despite being warned against the practice, we’ve recently seen several large organizations hand over millions in crypto to ransomware gangs, but does that mean follow-up attacks are less likely to occur? Not according to a new report that reveals almost half of all victims are targeted again by the same hackers.

In a study by Censuswide (via ZDNet), it was discovered that around 80% of organizations who paid ransoms were hit by a second attack, 46% of which were believed to have originated from the same group. One company that paid millions of dollars following a ransomware incident was targeted in a second attack by the same hackers within two weeks of handing over the crypto.

Even when victims did pay to regain access to their encrypted files, there were often problems: 46% of those who paid found some of the data was corrupted; 51% regained access with no data loss; and 3% did not get their data back at all.

It’s not just the enormous crypto payments that affect these companies’ bottom lines. Reported ransomware attacks can negatively impact the public’s perception of a firm, with some people raising questions over their security practices. Fifty-three percent of survey participants said their brand was adversely affected following a ransomware disclosure, and 66% said they lost revenue due to an attack.

Ransomware attacks are forecast to cost $265 billion worldwide by 2031, according to Cybersecurity Ventures.

Check Point Research writes that ransomware attacks have increased almost 100% in the last year. We’ve seen some huge payouts recently, including JBS, the world’s biggest meat processor, handing over $11 million; the Colonial Pipeline attack that earned those behind it $4.4 million, though $2.3 million was recovered; an indirect attack on Apple; the CD Projekt Red incident; and a hit on Acer.

Masthead credit: Andrey_Popov

Permalink to story.

 

QuantumPhysics

Posts: 5,028   +5,638
I've never been hit by ransomware, but even if I was, it would be a chance to erase my drive and do a clean install. All my important files are on a NAS or the cloud and there are several backups.

Otherwise: I truly wish there was a way to find these hackers/scamsters and give them the most severe of public beatings.
 

VariableSpike

Posts: 55   +73
I've never been hit by ransomware, but even if I was, it would be a chance to erase my drive and do a clean install. All my important files are on a NAS or the cloud and there are several backups.

Otherwise: I truly wish there was a way to find these hackers/scamsters and give them the most severe of public beatings.

I would still exercise caution, as many ransomwares can infect multiple PC's on the same network, and some are specifically designed to hunt out NAS devices to make sure your backup is knocked out as well (especially commercial ready made ones based on QNAP QTS or Synology's DSM et al
 

Bullwinkle M

Posts: 519   +421
I've never been hit by ransomware, but even if I was, it would be a chance to erase my drive and do a clean install. All my important files are on a NAS or the cloud and there are several backups.

Otherwise: I truly wish there was a way to find these hackers/scamsters and give them the most severe of public beatings.
You're not running Windows XP, so stop bragging!

You will never find the hackers and your backups are already infected

 

Gerald L

Posts: 10   +2
Gee. Who would have thunk that once paid off, a ransomware hacker would strike again?? After all, ransomware hackers are honest people, right? 😱😱😱

It's not that simple. Generally speaking, there isn't even any hacking involved. All it takes is one non-savvy person at your company to open a sketchy attachment, and the process of sending those e-mails out is automated. That person may or may not learn their lesson; a second person at the company, however, might not learn from the initial example and also get got.

There is malice involved, but it's not necessarily *active* malice.