Ransomware: Another Wave, Same Victims

Unethical, malicious actors renege on ransom agreement, delivering corrupt files and half-truths.

June 28, 2021, 4:51 p.m.

TL;DR

True to Veamm's predictions back on September 4, 2020, of a record spate of ransomware in 2021, a new wave lingering from the 2021 first quarter has been launched.

While 13% attested to retrenchments to remain afloat, 20% could not handle the impact and were forced to sink.

Key Facts

1
80% of prior victims have been upended again.
2
46% of victims believes the attack to be orchestrated by the same threat actors.
3
Censuswide provides details of a survey welcomed by 1,263 security professionals in seven major markets worldwide.

Details

One would expect integrity from villains, hackers, criminals, etc. However, ransomware threat actors aren't living up to these ethical expectations. On the other hand, 2021 has undoubtedly been living up to Veamm's predictions of the ransomware attack ratio - 11 seconds per organization, meaning it would stay atop all cyberattack polls and would be mentioned in every cybersecurity summit.

Many enterprises opted to regain access to their encrypted networks by dancing to the actors' tunes; however, most of these businesses suffered subsequent attacks. In addition, about half of those that mustered funds to pay up claimed they retrieved corrupted data.

There were many calls in the media to ban the paying of ransoms, and perhaps they feared the threat actors had more ambition than getting paid once. However, the first round of payments could be labeled ego-greasing. A Cyberseason survey reported that 46% of these new incidents on a whopping 80% of organizations that paid the first demands were orchestrated by the same hackers.

The survey, courtesy of Censuswide, was welcomed globally by 1,263 professionals in seven big markets - the US, France, Germany, etc.

51% of those that had their systems encrypted had it reinstated without any data loss, 3% claimed they were shut out for life. The survey had it that one particular organization was hapless enough to be targeted by the same hackers they paid millions of dollars to, two weeks after they had paid.

Out of 100 respondents in Singapore, 90% endured another ransomware attack after meeting initial demands, with only 28% having their data reinstated. In addition, about 73% admitted to incurring financial losses, a little higher than the global average of 66%. In comparison, 40% of Singapore respondents suffered irrecoverable losses to their brands, compared to a 53% average globally.

Meeting ransom demands of $140,000 to $1.4 million was 37%, and at least 5% paid at least $1.4 million. While 13% attested to retrenchments to remain afloat, 20% could not handle the impact and were forced to sink.

The global survey found 81 respondents claiming they were paying due attention to the risks that come with ransomware accounts, with 73% claiming they had deterrents to deal with such infamous circumstances.

Global ransomware attacks were estimated to propel $265 billion by 2031. However, Veamm's predictions of 11 per second might look worse as time goes on. For example, in 2021, attacks were estimated to hit 57 times the amount in 2015, around $20bn.

Many cybersecurity ventures are at the forefront of the ransomware war, such as CheckPoint Research, Veamm, Cybereason. CheckPoint Research ransomware attacks had higher growth prospects, climbing 20% in two months and 93% in the past year.

Cybersecurity vendors reiterated that deterring ransomware was better than paying ransom demands. Still, Cybereason went on to say that strategy could be ineffective in the face of this new double extortion paradigm.