The average ransom demand hit $2.2 million in 2021, a 144 percent rise from the year prior, according to Palo Alto Networks’ Unit 42 consultants, while the average ransom payment grew 78 percent to $541,010.
The research and consultancy outfit latest ransomware report, issued this week, pulls data from cases handled by Unit 42 along with analysis of ransomware gangs’ leak sites.
These findings, combined with another ransomware report released this week from the US Senate Homeland Security and Governmental Affairs Committee, paints a disturbing picture of cyber criminals’ increasingly brazen tactics, and how difficult it is for organizations of all sizes to defend themselves.
And while almost no country or industry escaped unscathed in 2021, some regions and sectors were hit harder than others. Unit 42’s ransomware leak site analysis identified the Americas as home to most of the organizations that experienced an attack, some 60 percent, compared to 31 percent in Europe, the Middle East and Africa, and nine percent in the Asia-Pacific region.
The infosec team also found professional and legal services (1,100) and construction (600) firms names most frequently on leak sites.
“As these ransomware gangs and RaaS operators find new ways to remove technical barriers and up the ante, ransomware will continue to challenge organizations of all sizes in 2022,” warned Ryan Olson, VP of threat intelligence for Unit 42, in a forward to his organization’s report.
But first, a look back on 2021.
More multi-extortion to come