When cyber gang DarkSide infiltrated the Colonial Pipeline, it had no idea shutting down the pipeline would cause major gasoline supply shortages on the U.S. east coast.
Elected officials and President Biden quickly rose to the occasion, demonstrating a threat to the nation’s critical infrastructure is a problem worth addressing.
The attack on managed service provider Kaseya left many organizations system’s down for days. Ransomware gang REvil took credit for the attack, however, suddenly disappeared.
Some speculate pressure from their government for fear of getting in trouble on their home turf may have had something to do with it, especially after President Biden warned Russia’s leader Vladmir Putin.
It is estimated that REvil may have collected close to $100 million in ransom payments in just the first 6 months of 2021, according to Coveware.
The average ransom payment is $136,576, down by 38% from Q1. The median ransom payment is $47,008, down by 40% from Q1, according to data from Coveware.
The decrease can be attributed to the growing number of ransomware-as-a-service brands, which have diluted the concentration of the attacks.
Coveware says, “the lower prevalence of several groups that have historically made some of the highest demands (such as Ryuk and Clop) allowed the average and median ransom payment to drift lower during the quarter.”
Attacks are becoming more costly to carry out, which raise the barrier to entry for new cyber criminals. In addition, using data exfiltration as an overall tactic appears to also be declining.
Coveware reports during Q2, over 80% of ransomware attacks also included the threat to leak stolen data.
Regardless, ransomware is a major threat to organizations today. A ISACA report says 1 in 3 organizations are experiencing more cyberattacks this year, which is three percentage points higher than last year.
Organizations should increase their IT security spending to lower the risk of a crippling ransomware attack.