Ransomware demands increasing

The average ransom demanded by cybercriminals when committing a cyber attack more than doubled in fourth quarter last year.

Cybersecurity company outfit Coveware said that the average payment increased 104 per cent to $84,116 (£64,408) this was mostly due to an increased focus on larger enterprises, resulting in larger ransom demands.

The firm said that one strain of ransomware, Ryuk, made its owners $780,000.

Covewire provides ransomware incident response services and in some cases recommends that attacked businesses pay the ransom to retrieve their data, with its team carrying out “extortion negotiation” on behalf of victims.

It claimed that there was a 98 percent payment success rate in the fourth quarter, meaning that decryption tools were sent to the affected businesses in the vast majority of cases.

On average these companies were able to decrypt 97 percent of their data.

“Less sophisticated attackers have a higher likelihood of deploying payloads in an irresponsible manner that corrupts data beyond recovery. We have seen certain ransomware-as-a-service groups become very selective about who they allow becoming a distribution affiliate. This can limit the scope of their earnings but allows them to control the reputation of their ransomware, which in the long run may result in higher profits from their criminal efforts”, the report said.

Coveware said that over half of ransomware attacks were triggered through vulnerabilities in the Remote Desktop Protocol (57.4 percent), with email phishing accounting for over one quarter (26.3 percent).