TechRepublic reports that ransomware groups have been demanding record high ransoms, while victims have been providing higher than ever payments.
Initial ransom demands averaged $5.3 million during the first half of 2021, which was 518% higher than the $847,000 average demand in 2020, according to a report from Palo Alto Networks' Unit 42 threat intelligence team. Researchers also found that the highest demanded payment during the first six months of 2021 reached $50 million, compared with $30 million last year. Meanwhile, average ransom payments reached $570,000 in the first half of this year, which was 82% higher than last year.
Unit 42 attributed rising ransomware demands and payments to the quadruple extortion tactic, which includes encryption, data release, denial-of-service attacks and harassment.
"Keeping your organization safe from falling victim to a ransomware attack requires a fundamental shift away from detection and remediation toward preparation and prevention. This means reducing the attack surface, such as closing the remote desktop protocol (RDP) to the internet and instead using a virtual private network (VPN) with multi-factor authentication (MFA) enabled, preventing known threats, and identifying and preventing unknown threats through security technologies like XDR," said Unit 42 Principal Consultant John Martineau.
Despite multiple high-impact vulnerabilities and repeated warnings from Microsoft, government agencies and news media, there are likely hundreds of thousands of internet-connected servers (at least) running older, exposed versions of Exchange today.
Artificial intelligence poses a pretty scary threat to information security overall, but application-security testers should find AI to be extremely useful for finding flaws and weeding out false positives.