Increasingly sophisticated techniques are making Ransomware attacks deadlier than ever before. This has increased the downtime for enterprises that fall victim to network-encrypting malware campaigns
Ransomware cyber-attacks increased 41% in 2019, with 205,280 enterprises having lost access to hacked files, according to data from the ransomware security firm Emsisoft. The latest report from cybersecurity company Coveware reveals the average number of days for enterprises affected with a ransomware attack to restore their networks is more than 16 days. The report titled “Ransomware Marketplace” stated that the average number of days a ransomware incident lasts has increased from 12.1 days in Q3 2019, to 16.2 days in Q4 2019.
The increase in the downtime has been attributed largely to the rising attacks against large companies, which results in downtime of several weeks for restoring their systems. The most prominent types of ransomware, such as Sodinokibi and Ryuk are distributed by more advanced players.
The ransom demands made by cyber attackers are increasing, with the average ransom payment doubling in just a few months. It stood at $41,198 between July and September in 2019, and reached $84,116 for the period between October and December, found the report. Moreover, the report stated that Bitcoin is used almost exclusively now in all forms of cyber extortion. As per the report, cybercriminals know it is easier to swap extortion proceeds into a privacy coin after they collect, then to require a victim to purchase a less liquid type of digital currency.
On New Year’s Eve, currency exchange provider Travelex was hit with Sodinokibi ransomware, following which some of the company’s online services went offline over three weeks on from the attack. Ransomware is proving so effective across networks that companies are taking severe measures to protect themselves from being hit by ransomware and other cyber-attacks by taking simple security measures such as multi-factor authentication on accounts across the network.
However, several organizations are still not adopting multi-factor authentication, which would have prevented a significant number of attacks from having the impact they had. It is equally essential for enterprises to ensure their systems are updated regularly with relevant security patches to provide that cybercriminals will not be able to bank on known vulnerabilities and receive access to networks and distribute ransomware.