On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019.
According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123.
The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums.
Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to a ransomware attack which resulted in the theft of 1.5 terabytes of sensitive data from the firm and its partners.
The highest ransom that Crypsis has seen since 2015 was $5 million, paid by a healthcare organization.
The highest ransom ever demanded was $15 million dollars, after hackers had stolen data from a data center and solutions provider.
The attack vectors
Crypsis also reveals that in 50% of ransomware infections, the attack vector was the remote desktop protocol. The report explains that “when enabled, RDP allows users to remotely connect to other Windows-based devices or networks.” When RDP is implemented in inadequate ways it can become an easy attack vector.
The second leading attack vector cited in the report is social engineering, usually email phishing or spearphishing. Social engineering refers to techniques that manipulate people rather than just computers to obtain the desired goal, such as information useful to infect the systems.
Phishing is the practice of sending messages — usually emails — with malicious intent, often including malware as an attachment. While phishing is usually sent en masse to great numbers of people, spearphishing attacks are targeted towards the recipient, with personalized content meant to make the message more convincing.