It’s not just the cost of recovery, but the average ransom being paid that’s grown. Hackers are getting greedier, but they’re also getting more successful too…

In a nutshell:

According to the cybercrime report produced by Palo Alto Networks and the incident response team at Crypsis, criminals are making more money and demanding more money than ever through their extortion attacks. On average in 2019, ransom payments made by organisations were just over $115k, rising to more than $312k in 2020: a rise of 171%. The highest ransom paid also doubled: $10 million in 2020 compared with $5 million in 2019, and cybercriminals upped their demands, with the highest request rising from $15 million in 2019 to $30 million in 2020.

It’s not just the value of what they are demanding that’s causing a problem either. The last year has seen a consistent rise in ‘double extortion’ which sees the initial attack of ransomware encrypting an organisation’s data and then extorting payment to release it, followed by theft of the files and a second demand for payment to prevent their release on the dark web. The problem that this presents is that the traditional method of reconfiguring systems and restoring files from backup is no longer applicable in a double wave attack where copies of your data have been stolen. You can still restore from backup to try and circumvent the first wave, but you certainly can’t use your backup to prevent your data being published.

The key figures:


Maximising your protection:

You can never fully eliminate the risk of ransomware hitting your systems, but you can do everything in your power to prevent it if possible and minimise the impact if it gets in. Our top tips include:

  • Minimising access in the first instance: try to stop the ransomware getting into your system by training and refreshing training for all your staff, encouraging vigilance and reporting, adding 2-factor authentication to your files, and ensuring all your cybersecurity protocols and procedures are up to scratch.
  • Add a backup and recovery process: just because there has been a rise in double wave ransomware attacks, doesn’t mean your backup is obsolete. Aside from protecting against all sorts of business risk – fire, theft, power failure etc. – backups still have their place in the protective chain. The key is to ensure you have a secure offsite backup, as once criminals gain access to your systems, they will seek to encrypt any on-site backups too.
  • Add security controls including end-point security, web URL filtering and antivirus for example to minimise the threat of ransomware getting in and taking hold. Don’t forget to ask about our CMDS product which adds multi-factor authentication and extra protection to all of your files.

Need help?

Speak to our team on  01453 700 800 for more information on creating a secure system and protecting your business against ransomware.