Cybercriminals just getting richer as more companies cough up for ransomware

  • More and more companies are being targeted by ransomware attacks.
  • The median ransom payment has jumped 300% since 2018.
  • Most victims are paying up - but that doesn't mean they get their data back. In 2018, less than half who paid had their stolen information returned.

Cyber criminals are laughing all the way to the bank as the number of ransomware attacks increases, and the majority of companies targeted pay up, according to a new report.

Moreover, according to raw data analysed, the average amount demanded rose 200% from 2018 to 2019, averaging $115 123 in 2019. The median ransom payment, meanwhile, has increased 300% since the beginning of 2018.

Ransomware is a type of malware where the criminal encrypts files often containing sensitive data, which they then threaten to publish unless a ransom is paid.

IT firm Atlas VPN extracted and analysed data from various security companies including CyberEdge, Crypsis and Datto, which it incorporated into an analysis released on Tuesday. It said that in a comparison of 2018 and 2019 figures, a growing number of organisations succumbed to blackmail.

Citing data from Datto, the report said some 55% of companies studied had received a demand for ransom in previous 12 months. While 38% of those victimised paid up in 2018, 45% did so in 2019, and more than half – at 57% - coughed up in 2020.

However, those that did pay were not always rewarded for it. In 2018, less than half those who paid the ransom got their stolen information back, while in 2019 the figure increased to 61%, and in 2020, 66%.

"It is safe to say cybercriminals got greedier"

"It is safe to say cybercriminals got greedier in 2019," said Atlas VPN.

Among the data studied was an analysis of over 1 000 incidents from Crypsis Group, which services clients worldwide. Crypsis found a rapid escalation in the median ransom payments, from just over $5 400 in the first quarter of 2018 to a peak of over $22 800 in the third quarter of 2019.

Atlas said avoiding ransomware attacks required understanding the leading reasons behind such incidents.

"[The] leading causes can be divided into two categories: outside and inside threats," it said.

Low security awareness among staff was a key contributing factor to inside threats, while phishing scams were a major outside threat.

Heightened risk

Cyber security experts have warned of heightened risk during the coronavirus pandemic, as increased numbers of employees work from home and more meetings take place virtually, making them vulnerable to interception.

Fin24 earlier reported that Life Healthcare group had been hit by a "targeted criminal attack" on its IT systems, which was being investigated by external security teams. Patient care had not been impacted, it said.

Further afield, several of automaker Honda's plants were brought to a standstill due to a cyber-attack on Tuesday.

However, cyber-attacks in general – and ransomware attacks in particular – have been on the rise for some time. The US saw a record number of ransomware attacks in 2019, with over 960 government agencies, schools and healthcare providers attacked, Bloomberg reported.

In South Africa, both City Power and the City of Johannesburg fell victim to ransomware attacks in 2019.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot