cyber attack

New Data Shows Sharp Rise in Ransomware Attacks, Payments Demanded From Hackers

Ransomware attacks hit at least over 200,000 organizations last year, and the average ransom demanded rose dramatically at the end of 2019.

The ransomware crisis will get worse before it gets better, according to several experts interviewed by The New York Times in a report containing new data on the amount of businesses and public sector organizations hit by the malware.

While many businesses quietly pay ransoms and never report the attack to authorities, cybersecurity firm Emisoft collected data in 2019 showing the widespread nature of the attacks. Last year, 205,280 organizations submitted files that had been hacked in a ransomware attack, a 41 percent increase from 2018, according to the Times.

The average payment demanded by hackers to release files back to their owners rose to $84,116 in the last quarter of the year, according to data from Coveware. That number hiked up to $190,946 in December, when ransomware attackers were said to demand millions from larger corporations.

But even this devastating data cannot paint the full picture of ransomware attacks, as many corporations attempt to hide that they were the victims of ransomware due to fears that they will earn media attention and negatively affect investor confidence.

In addition, cyber-insurance providers -- many of whom help their clients pay the ransoms rather than attempt to recover the files through backups -- are raising insurance rates in the wake of higher demands and more frequent attacks. Businesses often do not report the incidents to the FBI, which tallied only 1,493 reports in 2018.

Steven Chabinsky, a lawyer and former deputy assistant director of the FBI’s cyber unit, told ProPublica that many businesses do not report because the FBI does not offer much assistance and can create another distraction in the middle of a crisis.

“Not that I’m saying corporate America is dishonest, but the last thing you want is a bunch of FBI agents crawling around your company,” Chabinsky added. “There is no benefit whatsoever of you reporting. There’s no incentive. And there’s clearly identifiable cost. It’s the cost, the disruption, the risk they talk to some employee and now you’re under investigation. There’s no upside.”

Security experts are also concerned about the rise in certain trends among attackers, including hackers releasing stolen files to the public in an effort to pressure or punish victims who have not paid the ransom. Federal authorities have struggled to address the attacks and their ramifications because the hackers largely operate outside of the U.S. using hard-to-track financial systems, most often Bitcoin.

In the meantime, one agency has taken action in an attempt to help businesses and organizations recover from the attacks. The National Institute of Standards and Technology released a set of free guidelines in January after it tested a variety of cybersecurity solutions in different IT environments to find out which methods were most effective in fighting ransomware.

Organizations can read the framework here and provide public comment on the report from now until Feb. 26.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

  • DHS to End ‘Shoes-Off’ Travel Policy

    Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.