Ransomware attacks jumped 41% last year as average payments reached $190,946

[midian182]

Why it matters: It's no secret that ransomware has become the hacker’s weapon of choice in recent years. We regularly see the malware used to extort hospitals, businesses, and local governments, but the growth in the number of incidents is shocking. In 2019, 205,280 organizations had files encrypted in ransomware attacks, a 41 percent increase compared to the previous year, according to security firm Emsisoft.

The revelation comes from a New York Times report that examines the increase in recent ransomware attacks. According to security firm Coveware, the average payment for decryption keys to unlock files was $84,116 in the last quarter of 2019, double what it was during the previous quarter. In the last month of the year, that average jumped to $190,946.

“Anything of value that is smart and connected can be compromised and held for ransom,” said Steve Grobman, the chief technology officer at McAfee. “If critical infrastructure systems are held for ransom, what is our policy going to be for dealing with those?”

As of October last year, there were 81 incidents of ransomware affecting local US governments. Louisiana has been hit twice, while Riviera Beach, Florida, voted to pay $600,000 for a decryption key. Another Florida location, Lake City, paid around $500,000 in bitcoins to regain access to its systems, and the attack on Baltimore cost the city over $18 million. But while cities might appear to be popular targets, they are among the only victims who have to report the attacks. Public sector organizations represented only around 10 percent of all victims last year, Coveware said.

"Don't hand over the money" - advice that almost nobody follows

The FBI said attacks were becoming “more targeted, sophisticated, and costly.”

“What we find most concerning is that it causes not just direct costs, but also indirect costs of lost operations,” said Herbert Stapleton, cybersection chief at the FBI. “We certainly view it as one of the most serious cybercriminal problems we face right now.”

Europol, the EU’s law enforcement agency, believes the problem is even more serious. It called ransomware “most widespread and financially damaging form of cyberattack.”

While we’ve long heard that paying ransomware attackers is a bad idea as it’s no guarantee the files will be unlocked, many organizations still hand over the money, which has caused cybersecurity insurance rates to rise.

Authorities believe the problem will get worse before it gets better, as new forms of ransomware, such as Snake or Ekans, are identified.

Permalink to story.

https://www.techspot.com/news/83962-ransomware-attacks-jumped-41-last-year-average-payments.html

 

[Unusual Kmc]

I don't get why people still do this - hasn't it been known for a long time that governments can track the money if its withdrawn? So what's the point if its just going to sit there

 

[Bullwinkle M]

I don't get why people still do this - hasn't it been known for a long time that governments can track the money if its withdrawn? So what's the point if its just going to sit there

It's not about the money!

It's about SECURITY!

Ransomware authors teach you to secure your $hit

Microsoft however, never learns the lesson and Spyware Platform 10 makes you insecure by default

I'm still running Windows XP-SP2 ONLINE without ANY MS security updates and I have NEVER had a ransomware problem

I go to malware sites and test malware of all types
I blatently tempt ALL hackers to wreck my XP box and they have ALL failed

If anyone thinks they can wreck my XP box with ransomware, then take your best shot!

Russian hackers, CIA, NSA, Israeli Military, Chinese Military, North Koreans

Go for it tuff guys....
Wreck My box!

You see, an operating system that can be locked down by "the end user" will always be far more secure than an operating system that can only be locked down by "Microsoft"

The end user has no control over their shiney new Spyware Platform

Get Schooled Bishez!

 

[GreenNova343]

I call BS on that, as any of the browsers out there -- Firefox, Safari, Chrome, let alone IE -- that can actually run on XP are so out-of-date that they'll have trouble with the majority of websites out there. So saying, "I haven't been infected by any of the sites I visit" doesn't mean much, when it's actually being qualified as "any of the sites I can visit"...

 

[Bullwinkle M]

I call BS on that, as any of the browsers out there -- Firefox, Safari, Chrome, let alone IE -- that can actually run on XP are so out-of-date that they'll have trouble with the majority of websites out there. So saying, "I haven't been infected by any of the sites I visit" doesn't mean much, when it's actually being qualified as "any of the sites I can visit"...

I call BS on your BS!

It means EVERYTHING!

Zero successful malware attacks in more than 5 years and Zero BlueScreens of death in over 10 years of use is all the evidence I need

It will never be enough evidence for you because you don't have a clue whats going on here

You simply drink the Kool Aid and do whatever Microshaft tells you to do

 

[GreenNova343]

I call BS on your BS!

It means EVERYTHING!

Zero successful malware attacks in more than 5 years and Zero BlueScreens of death in over 10 years of use is all the evidence I need

It will never be enough evidence for you because you don't have a clue whats going on here

You simply drink the Kool Aid and do whatever Microshaft tells you to do

0 BSoDs & 0 malware attacks for during the same period, running BOTH Windows 7 & Windows 10.

Aside from 1 or 2 glitches involving AMD graphics drivers, the ONLY issues I've had during that time were hardware issues: a hard drive went bad (although I was able to pull the info off easily); & my 7-year-old GA-990FXA-UD3 motherboard finally gave up the ghost (not surprising, given that I originally bought it for a Phenom II CPU before going to the FX-8320).

And no, I have no particular love of Microsoft (we have 2 iPhones, as well as an iPad & Macbook that my wife uses for work)...but by & large my experience with them has actually followed more of Apple's motto: "It just works". Maybe you just didn't know what you were doing with Windows 7 or 10...

 

[Bullwinkle M]

Quote:
"Maybe you just didn't know what you were doing with Windows 7 or 10..."
---------------------------------------------------------------------------------------
LOL

I know it is not possible for end users to secure Windows 7 or Windows 10!

That's the point!

 

[BadThad]

The penalty for being responsible for cyber extortion should be DEATH.

 

[Bullwinkle M]

The penalty for being responsible for cyber extortion should be DEATH.

Correction
The penalty for introducing backdoors and vulnerabilities allowing cyber extortion should be DEATH.

There, fixed it for ya!

Ransomware encryption and wipers PREVENT you from exposing personal information to millions of complete strangers on the Internet

Prevent YOUR incompetence and the problem is solved!

 

[Evernessince]

Windows defender has Ransomware protection but it's off by default and not very intuitive. It's time Microsoft step it up a notch and improve it.

 

[brucek]

If we keep paying, they'll keep hacking. And many more "employees" will join the industry to do the same.

I'd like to see legislation making it illegal for US government entities to pay; making it less appealing for private entities to pay via disclosure requirements and surcharge taxes; and authorizing increased enforcement and retaliation via NSA, renditions, drones, military, etc (when the severity and nature of the targets justifies it - after all you attack major city infrastructure it sounds like an act of war to me.) Although admitted the latter may not be a walk in the park when the attacker is the hard currency revenue unit of the North Korea military.

 

[Bullwinkle M]

If we keep paying, they'll keep hacking. And many more "employees" will join the industry to do the same.

I'd like to see legislation making it illegal for US government entities to pay; making it less appealing for private entities to pay via disclosure requirements and surcharge taxes; and authorizing increased enforcement and retaliation via NSA, renditions, drones, military, etc (when the severity and nature of the targets justifies it - after all you attack major city infrastructure it sounds like an act of war to me.) Although admitted the latter may not be a walk in the park when the attacker is the hard currency revenue unit of the North Korea military.

Whether you pay or not is irrelevant

As long as you leave yourself vulnerable to these attacks, they will continue

As I've stated above, it's not about the money

You deserve ransomware & wipers!

The bad guy is YOU!

 

[brucek]

Actually most people like to be paid for their time, and/or need to be. If they can't get paid doing this, they'll do something else. That'll handle the casual profiteer who thinks it is easy money.

As to not leaving yourself vulnerable to something more determined than that, while I agree everyone should be following best practices, in the end they are no more going to stop a determined first tier attacker than would attempting to secure your house against a tank or air strike. An intelligence agency tasked with penetrating your facility can social engineer anyone with access, could physically break in, or could place their own spy as an employee or blackmail or extort an existing one. In the end meaningful retaliation is also an important part of not leaving yourself vulnerable - you want them to think twice before starting this aggression.

 

[Bullwinkle M]

"you want them to think twice before starting this aggression."
---------------------------------------------------------------------------------------------------
and we want YOU to think twice about leaving yourself and everyone around you open to attack

Think twice about supporting criminals who make operating systems designed to maintain monopoly power with backdoors, extortion / blackmail and spyware

Think twice about leaving "MY" personal information on "YOUR" server for any criminal to steal, or to sell it to other criminals

Seriously, good call......
THINK TWICE!

 

[PEnnn]

Lately, in one "sunny" state in the US, 3 towns were hit with ransom- ware attacks in a 4 week period (these are the ones we know about, possibly many more were too embarrassed to publicize it). Those affected had no access to their data and had to pay, aka, the taxpayer had to pay amounts ranging from $300k - $600k to get their data back!

In other words, due to the stupidity of those who run the IT Depts in those towns and having had no backups!!!) and no clue about the basics of data security ... it was just a matter of time.

Chances of this happening again?? Quite good, actually!!