Ransomware payments hit a new all-time high last year

Average ransom payment rose by almost 80 percent to reach $500k

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Asransomwareattacks hit more businesses than ever before in 2021, so too did the number of businesses that paid cybercriminals to unlock their data.

According to anew reportfrom Palo Alto Networks’Unit 42, ransomware payments reached a new high last year driven by the fact that cybercriminals began using Dark Web “leak sites” to put additional pressure on victims to pay up.

Based on cases worked by incident responders from Unit 42 last year, the average ransom demand rose by 144 percent to reach $2.2m while the average payment climbed by 78 percent to $540k.

The industries hit hardest by ransomware attacks last year include professional and legal services, construction, wholesale and retail, healthcare and manufacturing.

Cyber extortion

Cyber extortion

Of the ransomware groups in operation last year,Contiwas responsible for the most activity and it accounted for more than one in five of the cases worked by Unit 42’s consultants.

REvilor Sodinokibi (which has since beenshut down Russia’s FSB) took the second spot at 7.1 percent followed byHello KittyandPhobosat 4.8 percent each. In addition to being responsible for the most attacks, the Conti ransomware group posted the names of 511 organizations on its Dark Web leak site which was more than any other group.

Ransomware is now a billion-dollar market

IT workers believe ransomware is as serious as terrorism

The vicious cycle that makes ransomware such a potent threat

Palo Alto Network’s report also goes into more details on how the cyber extortion ecosystem grew last year with the emergence of 35 new ransomware gangs. At the same time, ransomware groups invested their profits into the creation of easy-to-use tools and increasingly leveraged zero-day vulnerabilities.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Leak sitesplayed a big role in getting organizations to pay ransom demands and the number of victims whose data was posted on such sites rose by 85 percent last year to reach 2,566 organizations. When it came to the location of leak site victims, 60 percent were in the Americas, 31 percent were in Europe, the Middle East and Africa and nine percent were in the Asia-Pacific region.

While ransomware groups continue to plague organizations around the world, law enforcement authorities and even tech giants likeMicrosofthave stepped up to try and disrupt their operations.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Quordle today – hints and answers for Friday, November 8 (game #1019)