Home GDPR #Privacy: Average ransom payout increases to $41,000
GDPR - November 13, 2019

#Privacy: Average ransom payout increases to $41,000

Research by Coveware has identified that the average ransom paid out by victims has increased 13% in the last three month. 

In its Q3 Ransomware Marketplace report, the average ransom paid was $41,198, an increase of 13% as compared to Q2 of 2019, $36,295. 

However, the researchers noted that the rate of increase has “plateaued” due to victims finding new methods to restore and recreate data instead of paying. Despite this, it hasn’t prevented malicious actors utilising Sodinokibi and Globelmposter variants from targeting large Managed Service Providers (MSPs) and large enterprises with million dollar plus demands.

The average downtime increase to 12.1 days from 9.6 days in Q2 of 2019, and can be explained by the increased number of successful attacks against larger enterprises. 

“Larger enterprises have more complex networks, and restoring data via backups or decryption takes longer than restoring the network of a small business. Additionally, database corruption or the loss of domain controllers at large organizations can add significant complexity to recovery efforts, which leads to more downtime,” Coveware reported. 

The three most common ransomware types in use during the third quarter of 2019 were Ryuk, Sodinokibi and Phobos. In addition, small enterprise-level variants such as Snatch, Estemani, Netwalker and Hidden Tear were being pushed. 

The industry most targeted by ransomware in Q3 was the Professional Services industry, accounting for 18.3% of incidents, followed by the public sector with (13.3%).  

“No other sector experienced a change of such magnitude, and the attention that both federal and state lawmakers are paying to the problem is warranted. Until these organizations are able to right-size their IT security budgets and IT headcount, these attacks will certainly continue,” Coveware wrote.

The post #Privacy: Average ransom payout increases to $41,000 appeared first on PrivSec Report.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Are you reporting to the CEO? Most security leaders don't

Only 7% of security leaders report to the CEO. Security leaders have assumed more acc…