On average, the ransom demanded in crypto currencies by ransomware hackers increased by 200% from 2018 to 2019.
According to a report published on 5 June by the cyber security company Crypsis Group, the average ransom demanded by ransomware groups for crypto currencies in 2019 reached USD 115,123.
The average number of ransoms demanded, on the other hand, increased by 300% from the first quarter of 2018 to the last quarter of 2019, reaching more than USD 21,700. According to Crypsis Group, ransoms demanded have increased as hackers increasingly target companies and select victims capable of paying higher sums.
Congress fears that the United States is losing the battle against malware and cyber weapons from the darkweb
Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s US subsidiary was the victim of a ransomware attack that resulted in the theft of 1.5 terabytes of sensitive data from the company and its partners.
The highest ransom Crypsis has seen since 2015 was $5 million, paid by a health care organization.
The highest ransom ever demanded was $15 million, after hackers stole data from a data center and a solution provider.
BlockFi data breach can allow criminals to extort rich customers
The attack vectors
Crypsis also reveals that in 50% of ransomware infections, the attack vector was the remote desktop protocol. The report explains that „when enabled, RDP allows users to connect remotely to other Windows-based devices or networks“. When RDP is improperly implemented it can become an easy attack vector.
The second most important attack vector cited in the report is social engineering, usually email phishing or spearphishing. Social engineering refers to techniques that manipulate people rather than just computers to obtain the desired target, such as information useful for infecting systems.
The ransomware Maze group hacked two plastic surgeons
Phishing“ is the practice of sending messages, usually emails, with malicious intent, often including malicious software as an attachment. While phishing is usually sent en masse to a large number of people, spearphishing attacks target one recipient, with personalized content intended to make the message more compelling.