Continued ransom payments amid debate over potential ban by authorities

Global dispute over the feasibility of prohibiting ransom payments centers around the financial damage ransomware is inflicting on organizations worldwide.


In the ongoing battle against ransomware, one significant challenge remains: the vast sums of money going to criminal groups. This issue was highlighted by Chester Wisniewski, Field CTO for Applied Research at Sophos, who expressed concerns about the scale of ransomware activity.

The White House is currently considering a ban on ransom payments, but Wisniewski cautions that such a measure would require global support, a feat he deems unlikely. He further stated that a perfect implementation of a ransomware payment ban could potentially put an end to ransomware, but he doubts its practicality.

According to Sophos' survey, nearly 3 in 5 organizations with a standalone cyber insurance policy paid the ransom, compared to only 15% of uninsured organizations. This represents a five-fold increase in ransom payments for the Conti ransomware group, as reported by researchers.

Between 2020 and 2022, there were 6,516 ransomware attacks worldwide, a number that likely underestimates the true scale of the problem. The median ransom payment, as per Sophos' survey, was $400,000 during the past year, with some payments reaching as high as $7 million.

A study by BakerHostetler reported an average ransom payment of $600,000, a 15% increase from the previous year, while Palo Alto Networks' Unit 42 observed a median ransom payment of $350,000. The proportion of organizations paying seven-figure ransoms has also increased significantly, from 11% in 2022 to 40% in 2023.

Interestingly, the median ransom payment for organizations with more than $5 billion in annual revenue was $3 million, and for those with at least $1 billion, it was $1 million.

Despite these staggering figures, Wisniewski maintains that a ransomware payment ban could cause collateral damage and is, therefore, not in favour of such a measure. Nearly half (46%) of organizations hit by ransomware in the past year paid a ransom to recover data, according to Sophos' research.

An in-depth peer review of the Conti ransomware group's operations suggests that these attacks are likely underreported. Researchers traced more than $80 million in ransom payments to Conti and its predecessor. As the fight against ransomware continues, the debate over ransom payment bans and their potential impact remains a pressing issue.
