For example, we’ve started to see ransomware gangs encrypt a type of software known as a hypervisor, which can corrupt multiple virtual instances running on a single server. We expect the ransomware crisis will continue to gain momentum over the coming months, as cybercrime groups further hone tactics for coercing victims into paying and also develop new approaches for making attacks more disruptive. Last year, the largest payment we observed was $10 million. The largest confirmed payment, so far this year, was the $11 million that JBS SA disclosed after a massive attack in June. Kaseya eventually obtained a universal decryption key, but it’s unclear what payment was made, if any. Additionally, REvil recently tested out a new approach by offering to provide a universal decryption key to all organizations impacted by the Kaseya VSA attack for $70 million, though it quickly dropped the asking price to $50 million. The highest ransom demand of a single victim seen by our consultants rose to $50 million in the first half of 2021 from $30 million last year. Among the dozens of cases that Unit 42 consultants reviewed in the first half of 2021, the average ransom demand was $5.3 million. As they’ve adopted these new extortion approaches, ransomware gangs have gotten greedier. The 2021 Unit 42 Ransomware Threat Report, which covered 2020 trends, flagged double extortion as an emerging practice – and the latest observations show attackers again doubling the number of extortion techniques they use. While it’s rare for one organization to be the victim of all four techniques, this year we have increasingly seen ransomware gangs engage in additional approaches when victims don’t pay up after encryption and data theft.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |