Why it matters: It's no secret that ransomware has become the hacker’s weapon of choice in recent years. We regularly see the malware used to extort hospitals, businesses, and local governments, but the growth in the number of incidents is shocking. In 2019, 205,280 organizations had files encrypted in ransomware attacks, a 41 percent increase compared to the previous year, according to security firm Emsisoft.
The revelation comes from a New York Times report that examines the increase in recent ransomware attacks. According to security firm Coveware, the average payment for decryption keys to unlock files was $84,116 in the last quarter of 2019, double what it was during the previous quarter. In the last month of the year, that average jumped to $190,946.
“Anything of value that is smart and connected can be compromised and held for ransom,” said Steve Grobman, the chief technology officer at McAfee. “If critical infrastructure systems are held for ransom, what is our policy going to be for dealing with those?”
As of October last year, there were 81 incidents of ransomware affecting local US governments. Louisiana has been hit twice, while Riviera Beach, Florida, voted to pay $600,000 for a decryption key. Another Florida location, Lake City, paid around $500,000 in bitcoins to regain access to its systems, and the attack on Baltimore cost the city over $18 million. But while cities might appear to be popular targets, they are among the only victims who have to report the attacks. Public sector organizations represented only around 10 percent of all victims last year, Coveware said.
The FBI said attacks were becoming “more targeted, sophisticated, and costly.”
“What we find most concerning is that it causes not just direct costs, but also indirect costs of lost operations,” said Herbert Stapleton, cyber section chief at the FBI. “We certainly view it as one of the most serious cybercriminal problems we face right now.”
Europol, the EU’s law enforcement agency, believes the problem is even more serious. It called ransomware the “most widespread and financially damaging form of cyberattack.”
While we’ve long heard that paying ransomware attackers is a bad idea as it’s no guarantee the files will be unlocked, many organizations still hand over the money, which has caused cybersecurity insurance rates to rise.
Authorities believe the problem will get worse before it gets better, as new forms of ransomware, such as Snake or Ekans, are identified.