Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
206638 ZDNET 2021-4-27:
Ransomware extortion demands are growing, and so is the downtime caused by attacks
1.000 Find similar Compare side-by-side
206184 ZDNET 2021-4-23:
Ransomware's perfect target: Why one industry needs to improve cybersecurity, before it's too late
0.598 Find similar Compare side-by-side
206242 ZDNET 2021-4-23:
Ransomware is growing at an alarming rate, warns GCHQ chief
0.571 Find similar Compare side-by-side
206726 ZDNET 2021-4-30:
Ransomware is now a national security risk. This group thinks it knows how to defeat it
0.559 Find similar Compare side-by-side
206466 TECHREPUBLIC 2021-4-28:
Ransomware attack hits Washington, D.C. police department
0.687 0.527 Find similar Compare side-by-side
206456 ARSTECHNICA 2021-4-24:
Apple’s ransomware mess is the future of online extortion
0.501 Find similar Compare side-by-side
206778 VENTUREBEAT 2021-4-29:
It’s now or never: Society must respond to the ransomware crisis
0.030 0.467 Find similar Compare side-by-side
206682 VENTUREBEAT 2021-4-30:
Ransomware task force unveils broad manifesto for fighting back
0.450 Find similar Compare side-by-side
206648 ZDNET 2021-4-27:
FBI: Russian hackers are still trying to break into networks, here's how to protect yours from attack
0.076 0.448 Find similar Compare side-by-side
206543 VENTUREBEAT 2021-4-25:
CISA warns of credential theft via SolarWinds and PulseSecure VPN
0.384 Find similar Compare side-by-side
206520 ARSTECHNICA 2021-4-28:
Ransomware crooks threaten to ID informants if cops don’t pay up
0.380 Find similar Compare side-by-side
206659 ZDNET 2021-4-28:
COVID-19, WFH prompts spike in cyberattacks against banks, insurers
0.339 Find similar Compare side-by-side
206702 VENTUREBEAT 2021-4-29:
Government and industry to combat ransomware with Bitcoin regulation
0.330 Find similar Compare side-by-side
206545 TECHREPUBLIC 2021-4-27:
Why hackers are increasingly targeting video game companies
0.315 Find similar Compare side-by-side
206607 ZDNET 2021-4-24:
Enterprises need to change passwords following ClickStudios, Passwordstate attack
0.287 Find similar Compare side-by-side
206955 ARSTECHNICA 2021-4-30:
More US agencies potentially hacked, this time with Pulse Secure exploits
0.284 Find similar Compare side-by-side
206362 ZDNET 2021-4-26:
This password-stealing Android malware is spreading quickly: Here's what to watch out for
0.283 Find similar Compare side-by-side
206533 ZDNET 2021-4-27:
FireEye Q1 revenue, EPS top expectations, forecast higher, shares rise
0.280 Find similar Compare side-by-side
206531 VENTUREBEAT 2021-4-24:
CISOs must help their boards manage cyber risk — here’s how
0.277 Find similar Compare side-by-side
206271 VENTUREBEAT 2021-4-23:
Netacea: Stolen identity sales in criminal marketplace up 250% since 2019
0.274 Find similar Compare side-by-side
206714 VENTUREBEAT 2021-4-29:
AI-powered cybersecurity platform Vectra AI raises $130M
0.272 Find similar Compare side-by-side
206790 ZDNET 2021-4-30:
Microsoft finds memory allocation holes in range of IoT and industrial technology
0.265 Find similar Compare side-by-side
206178 ZDNET 2021-4-23:
ToxicEye: Trojan abuses Telegram platform to steal your data
0.264 Find similar Compare side-by-side
206534 VENTUREBEAT 2021-4-24:
Thistle tackles IoT security by helping vendors update devices
0.260 Find similar Compare side-by-side
206565 TECHREPUBLIC 2021-4-27:
Senator discusses priorities for advancing national cybersecurity legislation
0.257 Find similar Compare side-by-side

1

ID: 206638

URL: https://www.zdnet.com/article/ransomware-extortion-demands-are-growing-and-so-is-the-downtime-caused-by-attacks/

Date: 2021-04-27

Ransomware extortion demands are growing, and so is the downtime caused by attacks

The exploitation of vulnerabilities in RDP services and other software, combined with threats to leak stolen data, is paying off for ransomware gangs as victims pay up. The average ransom payment paid by victims of ransomware attacks has risen as cyber criminals exploit vulnerabilities in software and remote desktop protocol (RDP) services as common means of infiltrating networks. According to analysis by cybersecurity company Coveware's Quarterly Ransomware Report, the average ransom payment in the first three months of this year was $220,298 – up from $154,108 in the final three months of 2020. One of the reasons the cost of ransom payments has grown so significantly is a rise in activity by some of the most notorious ransom groups, which demand millions of dollars in Bitcoin from victims in exchange for the decryption key. A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)   This includes the Clop ransomware gang, which Coveware describes as "extremely active" in attacks targeting large victims and demanding very high ransom demands. It ranks at number four in the most common ransomware variants, accounting for 7% of all attacks even though it wasn't in the top 10 at all during the previous quarter. The most common ransomware is Sodinokibi, which accounts for 14% of attacks, followed by Conti, which is behind 10% of ransomware attacks, and Lockbit, which is the third most common ransomware, with a 7.5% market share. Egregor is the fifth most common ransomware seen in the first quarter of 2020, accounting for 5.3% of attacks. Other ransomware variants commonly used in attacks at the moment include Avaddon, Ryuk, Darkside, Suncrypt, Netwalker, and Phobos. One technique that is helping to make ransomware attacks more successful is for cyber criminals to publish data they've stolen while inside the network. The idea is that victims fear the consequences of potentially sensitive information being exposed online – so give in and pay the ransom. According to analysis by Coveware, 77% of ransomware attacks now involve a threat to leak exfiltrated data – up 10% compared with the final quarter of 2020. Almost half of ransomware attacks begin with cyber criminals compromising RDP services, either by using stolen credentials, guessing default or common passwords or by exploiting unpatched vulnerabilities. There's also been a rise in software vulnerabilities being exploited as a means of infiltrating networks, particularly when it comes to those in VPN applications. Hackers are actively targeting flaws in these VPN devices. Here's what you need to doAll of this has come together to result in an average of 23 days downtime following a ransomware attack – up by two days. Something that can help organisations successfully recover from a ransomware attack is regularly updating backups of the network – and storing them offline – so if the worst happens, restoring the network is possible without giving in to ransom demands, making the exercise a pointless waste of time for cyber criminals. But the best way to avoid damage from a ransomware attack is to avoid falling victim to one in the first place. Cybersecurity procedures that can help prevent this include avoiding the use of default usernames and passwords while also securing accounts with multi-factor authentication. Organisations should also ensure the latest security patches are applied to software across the network, preventing cyber criminals from being able to exploit known vulnerabilities to plant ransomware attacks.