Average Ransomware Payment Hits $570,000 in H1 2021

A new report finds ransomware gangs now bundle extortion methods to make victims pay up after an attack.

Dark Reading Staff, Dark Reading

August 9, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The average ransomware payment is up 82% in the first half of 2021, coming in at a record $570,000, according to a new report from Palo Alto Networks' Unit 42. It's a big jump from last year's average payment of more than $312,000, an increase of 171% from the year prior. 

The findings note an increasing use of "quadruple extortion" by criminals. Researchers say ransomware operators commonly use as many as four techniques to pressure victims into paying. Among these are encryption, in which victims pay to regain access to scrambled data and compromised systems, and data theft, in which attackers release sensitive information if ransom isn't paid.

The third technique is denial of service (DoS), in which ransomware gangs launch DoS attacks to shut down a victim's public websites. The fourth is harassment, in which attackers contact a victim's customers, business partners, employees, and media to tell them an organization was hacked.

"While it's rare for one organization to be the victim of all four techniques, this year we have increasingly seen ransomware gangs engage in additional approaches when victims don't pay up after encryption and data theft," researchers say in a summary of the findings.

Unit 42 consultants said among the cases they reviewed in the first half of 2021, the average ransom demand was $5.3 million. This marks an increase of 518% from the 2020 average of $847,000.

The highest ransom demand of a single victim seen by Unit 42 consultants was $50 million in the first half of 2021, up from $30 million last year. The largest confirmed payment so far in 2021 is the $11 million that meat processor JBS SA disclosed after they were hit by an attack in June.

The full report can be found here.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights