According to the Hiscox Cyber Readiness Report 2021, US companies that gave in to ransomware demands paid an average of $17,959 in ransoms over a 12-month period. The total amount paid by ransomware victims in 2020 was $350m. Garmin reportedly paid about $10m to Evil Corp ransomware hackers in August 2020.
One big negative of paying ransom: it effectively funds the efforts of criminal hackers to get even better at what they do, giving the ransomware groups even more capabilities to pursue ever-larger targets.
As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible.
The government has stuck to its position that hacking ransom should not be paid, and some experts think banning cryptocurrency is the answer, but others say there is no silver bullet solution that will end the ransomware cyberthreat.
According to BlackFog, ransomware attacks are big business, so big in fact that research anticipates a business is attacked by a cybercriminal every 11 seconds and damage costs from these attacks will hit around $20 billion by 2021. Right now, attacks are running at double the 2020 numbers.
The USA will continue to suffer the most: over 70% of the attacks have US companies as their main target.
Blockchain analysis shows that the total amount paid by ransomware victims increased by 311% this year to reach nearly $350 million worth of cryptocurrency. No other category of cryptocurrency-based crime had a higher growth rate. Keep in mind too that this number is a lower bound of the true total, as underreporting means they don’t have every victim payment address in their datasets.
Ransomware attackers move most of the funds taken from their victims to mainstream exchanges, high-risk exchanges (meaning those with loose to non-existent compliance standards), and mixers. However, the money laundering infrastructure ransomware attackers rely on may be controlled by just a few key players, similar to the ransomware strains themselves.
Ransomware operators rely on several types of third-party providers to conduct attacks. These include:
- Penetration testing services, which ransomware operators use to probe potential victims’ networks for weaknesses.
- Exploit sellers, who sell access to vulnerabilities in various types of software that ransomware operators and other cybercriminals can use to inject victims’ networks with malware.
- Bulletproof hosting providers, who provide web hosting that customers can purchase anonymously and are generally lenient on the types of sites customers are allowed to host. Ransomware operators often need web hosting to set up command-and-control (C2) domains, which allow hackers’ computers to send commands to victims’ machines infected with malware.
To end this post, remember that we have currently reached the figure of 350 million dollars in ransomware payments according to The 2021 Crypto Crime Report. It is in our hands whether this number continues to grow or whether we learn to mitigate the effects of possible cyberattacks by making use of cybersecurity consultants like SegurTIC.