Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Threat Monitor

11:59 PM
Edge Editors
Edge Editors
Threat Monitor

15% of Ransomware Victims Paid Ransom in 2019, Quadrupling 2018

Increasing sophistication of ransomware attacks might be forcing victims to open their wallets. Click image to read more.

Fewer survey respondents reported ransomware attacks in 2019 than in 2018, according to a recent Dark Reading survey. Yet, the number reporting that they paid an attackers' ransom nearly quadrupled -- rising to 15% of those that had suffered a ransomware attack.

Ten percent of respondents stated that their organization had suffered a ransomware attack (down from 12% in the 2018 study). Of those, fifteen percent said that they paid the ransom, up from just 4% last year.   

Ransomware attacks are becoming increasingly severe and sophisticated. As Jai Vijayan wrote for Dark Reading last month:

Some recent developments include growing collaboration between threat groups on ransomware campaigns; the use of more sophisticated evasion mechanisms; elaborate multi-phase attacks involving reconnaissance and network scoping; and human-guided automated attack techniques. ...

In many attacks, threat actors have first infected a target network with malware like Emotet and Trickbot to try and gather as much information about systems on the network as possible. The goal is to find the high-value systems and encrypt data on it so victims are more likely to pay.

If we look at the big picture, we will discover that what is changing is the threat actors' approach to distributing the Trojans and selecting their victims," Fedor Sinitsyn, senior malware analyst at Kaspersky says. If five years ago almost all ransomware was mass-scale and the main distribution vector was via spam, nowadays many criminals are using targeted attacks instead.

On a sunnier note, more companies might be paying ransoms because they have cyber insurers to help them bear the cost of those payments. As the police chief of Valdez, Alaska told Dark Reading after the city fell victim to ransomware, "I can't emphasize enough how much [cyber insurance] saved our community." 

Thirty-four percent of respondents to the Dark Reading report said they have insurance specifically for cyber incidents -- double the number reported in 2017 -- and 18% reported filing a claim.

Download the full report, How Data Breaches Affect the Enterprise, here. 

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity. View Full Bio


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
1/10/2020 | 9:54:38 AM
Statistics on the success of the paid ransome
Great article, the one thing I would like to know from this research is the success rate of those who paid the ransom. Seeing the numbers would be very interesting and show the reality of what happens to orgs that actually pay. My guess is that the success rate is not very high, but that is just my guess.
Gone in a Flash

Source: StaySafeOnline.org

What security-related videos have made you laugh? Let us know! Add them to the Comments section or email us at [email protected].

Name That Toon: Mask Out
Flash Poll