The footprint of ransomware has been growing globally in terms of both impact and payouts for attackers. However, it has also evolved into many dangerous forms nowadays as threat actors are stealing sensitive info through ransomware attacks and threatening to sell it on the dark web.
This means that the avenues of extorting big money from victims have also increased for malicious actors. So, now there are multiple ways for a ransomware victim to suffer the damages of an attack. With this, the chances of payout for malicious actors have also grown.
$265 Billion: Cost of Ransomware by 2031
$265 billion! You heard it right. $265 billion would be the cost of ransomware by the end of 2031. ZDNet has published this prediction made by Cybersecurity Ventures. This estimate includes the cost of disruption of business during and post-attack, harm to the reputation of the organization, and the cost of employee training following such an attack.
The same article mentions that the average ransomware payouts have increased from $115,123 to $312,493 by over 171% from 2019 to 2020 alone.
“Despite authorities’ recent success in busting several ransomware gangs, this particular breed of malware has proven to be a hydra – cut off one head and several appear in its place — and all signs are that the coming decade will be no less problematic,” Cybersecurity Ventures noted.
As ransomware attacks have become more incentivized than ever, the modes of launching ransomware attacks have increased in number too. Now newbie threat actors are using services like RaaS and easily available cheap ransomware toolkits on the dark web.
Join our weekly newsletter and get the latest cybersecurity updates delivered directly to your inbox
Like other cloud service providers, RaaS (Ransomware-as-a-Service) is based on a software subscription model. The worrying fact is that it has now become a go-to tool for beginner threat actors. This is because the ease with which this service can be availed will allow the rookie malicious actors to launch ransomware attacks easily and frequently.
The RaaS model works like any other legitimate service. The affiliates who offer their services are given identifier codes for the distribution of commissions. Moreover, the service providers are mostly professional programmers who are looking to earn some extra money.
Recent Incidents of Ransomware Attacks
We haven’t got past even half of this year and ransomware attacks have clogged the cyber landscape. Some of the most devastating ransomware attacks from 2021 are mentioned below:
- Colonial Pipeline: The ransomware attack on Colonial Pipeline bit the biggest chunk of the news in 2021. This was majorly due to the extent of damage that resulted from it. The attack caused major disruption to fuel supply in many parts of the US. Colonial Pipeline ended up paying $4.4 Million in bitcoins to the attackers.
- Acer: The computer manufacturer Acer got attacked by ransomware in the month of March 2021. The organization ended up paying $50 million to the REvil hackers group, which is one of the largest known to date.
- AXA: In May 2021, the insurance company AXA was attacked by Avaddon group. This attack came after the insurance firm announced that they would stop covering many of their clients with reimbursements in case of ransomware attacks. However, this attack on the insurance firm brought out the irony of the whole matter.
- JBS Foods: Major Brazilian meat processing company JBS Foods has admitted to paying up $11 million in ransom to attackers who brought down its plants. These plants produce meat products that roughly comprise one-fifth of the USA’s meat production.
Just Help Yourself and Don’t Let it Happen in the First Place
They say – “Prevention is better than cure”. But in the case of ransomware – “Prevention is the only cure”. This is true because after a ransomware attack takes place, it is very unlikely for an organization to resist paying up the ransom in exchange for compromised info and blocked access.
Enhancement of employee awareness through modern techniques can go a long way in preventing ransomware from gripping the organization. Security awareness tools like TSAT provide the organization with handy tools for launching simulation attacks and analyzing results from them. This helps in viewing the level of awareness of each individual employee in the organization and their collective awareness as a group.
Over and above this, Threatcop also comes with a huge library of awareness content to engage the participants and educate them. Using modern methods such as this one can be of great assistance in figuring out the vulnerabilities arising from employee negligence in the organization.
Ransomware will keep knocking on your door until you ward it off through better learning and improved technology. It is here and it’s growing by leaps and bounds every day. The only way to stay secure is by being vigilant and acting proactively.