The average ransom businesses paid to cybercriminals surged 78% last year to $541,010, fueled in part by the rapid spread of “ransomware as a service” (RaaS), according to a new report by Palo Alto Networks, a global cybersecurity company.
The Unit 42 Ransomware Threat Report found that the amount of ransom demanded, which is not necessarily the same amount that was ultimately paid, averaged $2.2 million in cases that Palo Alto handled – a 144% increase over 2020.
“The long-term effects of these ransomware attacks can be devastating, going beyond the actual cost of the ransom to include a number of ancillary costs associated with downtime, remediation and disruptions to business,” the company said in its report.
Cybercriminals most commonly infect targets with ransomware through phishing, exploitation of the Remote Desktop Protocol (RDP), and entry through software weaknesses. Healthcare, public health, and financial services companies are the most frequently targeted, but anyone can be a victim.
There was an 85% increase in the number of victims who had their names and other details posted publicly on dark web “leak sites” that ransomware groups use to coerce their targets. Multiple extortion tactics like these are an indication of the future of the ransomware threat landscape, the report said.
Ryan Olsen, vice president of Threat Assessment Intelligence at Palo Alto Networks, says ransomware-as-a-service (RaaS) operators continue to grow.
“RaaS operators offer a wide array of easy-to-use tools and services that make launching a ransomware attack almost as simple as using an online auction site,” Olsen said. “These operators have been making investments during these past few years to optimize their businesses. They have perfected their malware, developed marketing strategies to recruit more affiliates and even built up technical support operations to help victims get back online once they pay their ransoms.”