A high percentage of ransomware victims are choosing not to pay the ransom, but don’t assume that ransomware will go away anytime soon.
The ransom amounts paid to cyber criminals following a ransomware attack have dropped as more and more companies are reluctant to give in to extortion demands.
An analysis by cybersecurity company Coveware found that the average ransom paid following a ransomware attack dropped by a third in the last quarter of 2020, falling to $154,108 from $233,817 three months earlier.
The company attributes the drop in the average ransom payment to victims choosing not to give in to demands to pay bitcoin in exchange for the decryption key, which criminals say will restore the network to working order.
While it is good that a high percentage of these victims choose not to pay cybercriminals, there are still several organizations that give in, allowing ransomware to continue, even if the attackers have been making less money.
However, it may be enough for some ransomware operators to consider whether the effort is worthwhile.
“When a few companies pay, no matter what the cause, it has a long-term impact, and what can be combined over time can make a difference in the attack,” the Coveware blog post said.
The growing number of organizations that choose not to pay ransomware demands has also led criminal gangs to change their tactics, as shown by an increase in attacks where criminals threaten to leak stolen information if the victim does not pay.
According to Coveware, these accounted for 70% of ransomware attacks in the last three months of 2020, up from 50% in the previous three months.
However, while about three-quarters of the organizations threatened with publication of their information between July and September paid the ransom, that dropped to 60% of the organizations that fell victim between October and December.
Investigators note that even if a ransom is paid, there is no guarantee that criminals will delete the data; they may instead use it for other malicious purposes, something that organizations might consider when deciding whether to pay.
As cybersecurity companies and law enforcement agencies warn, any payment made after an attack encourages criminals to continue their attacks.
Ransomware also continues to be successful because cybercriminals can break into insecure networks to lay the groundwork for attacks.
Phishing emails and Remote Desktop Protocol (RDP) attacks are the most common ways of getting into networks.
While phishing emails rely on victims opening malicious documents or links to initiate attacks, RDP attacks do not require anyone in the victim’s organization to be involved at all, as attackers can misuse leaked credentials.
In both cases, the malware finds a way in because cybercriminals exploit security weaknesses. Installing security patches to protect against criminals who use known vulnerabilities can help stop malware activity on the network.
Using tools such as two-factor authentication can help prevent attackers from gaining access to the network because even if they have the right login details, it is tough to make use of them.
Meanwhile, regularly updating offline backups provides organizations that fall victim to cyber attacks with a way to restore the network without rewarding criminals.