cyber attack

New Data Shows Sharp Rise in Ransomware Attacks, Payments Demanded From Hackers

Ransomware attacks hit at least over 200,000 organizations last year, and the average ransom demanded rose dramatically at the end of 2019.

The ransomware crisis will get worse before it gets better, according to several experts interviewed by The New York Times in a report containing new data on the amount of businesses and public sector organizations hit by the malware.

While many businesses quietly pay ransoms and never report the attack to authorities, cybersecurity firm Emisoft collected data in 2019 showing the widespread nature of the attacks. Last year, 205,280 organizations submitted files that had been hacked in a ransomware attack, a 41 percent increase from 2018, according to the Times.

The average payment demanded by hackers to release files back to their owners rose to $84,116 in the last quarter of the year, according to data from Coveware. That number hiked up to $190,946 in December, when ransomware attackers were said to demand millions from larger corporations.

But even this devastating data cannot paint the full picture of ransomware attacks, as many corporations attempt to hide that they were the victims of ransomware due to fears that they will earn media attention and negatively affect investor confidence.

In addition, cyber-insurance providers -- many of whom help their clients pay the ransoms rather than attempt to recover the files through backups -- are raising insurance rates in the wake of higher demands and more frequent attacks. Businesses often do not report the incidents to the FBI, which tallied only 1,493 reports in 2018.

Steven Chabinsky, a lawyer and former deputy assistant director of the FBI’s cyber unit, told ProPublica that many businesses do not report because the FBI does not offer much assistance and can create another distraction in the middle of a crisis.

“Not that I’m saying corporate America is dishonest, but the last thing you want is a bunch of FBI agents crawling around your company,” Chabinsky added. “There is no benefit whatsoever of you reporting. There’s no incentive. And there’s clearly identifiable cost. It’s the cost, the disruption, the risk they talk to some employee and now you’re under investigation. There’s no upside.”

Security experts are also concerned about the rise in certain trends among attackers, including hackers releasing stolen files to the public in an effort to pressure or punish victims who have not paid the ransom. Federal authorities have struggled to address the attacks and their ramifications because the hackers largely operate outside of the U.S. using hard-to-track financial systems, most often Bitcoin.

In the meantime, one agency has taken action in an attempt to help businesses and organizations recover from the attacks. The National Institute of Standards and Technology released a set of free guidelines in January after it tested a variety of cybersecurity solutions in different IT environments to find out which methods were most effective in fighting ransomware.

Organizations can read the framework here and provide public comment on the report from now until Feb. 26.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services
  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

  • Pragmatism, Productivity, and the Push for Accountability in 2025-2026

    Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.