Ransomware accounts for 81% of all financially motivated cyberattacks in 2020
Ransomware is a type of malicious malware used by cybercriminals to encrypt sensitive information that can be regained if a ransom is paid. Last year's data reveals that this type of attack is one of the cybercriminal’s favorite methods.
The Atlas VPN team found that ransomware made up a whopping 81% of all financially motivated cyberattacks in 2020. The average cost of a breach caused by ransomware in 2020 was $4.44 million.
The findings in this article are based on various industry reports from CrowdStrike, IBM Security, and Heimdal Security.
In total, 63% of cyberattacks last year were financially motivated. Out of the 63% of the financially motivated assaults, 81% were ransomware attacks. The remaining 19% include point-of-sale intrusions, e-commerce attacks, business email compromise, and cryptocurrency mining.
As ransomware technology has developed over the last thirty years since its creation in 1989, its threat levels have grown too. In 2020, ransomware attacks caused greater financial damage per breach than average malicious attacks.
An average malicious attack cost victims $4.27 million per assault. In the meantime, ransomware attacks cost 4% more — $4.44 million per breach.
In November 2020, we reported that 56% of companies experienced ransomware attacks in the last 12 months.
The top 5 biggest ransomware attack payouts of 2020
The year 2020 saw a fair share of ransomware attacks that affected companies and organizations worldwide. One of the most significant ransomware attacks in 2020 was the Garmin breach. Garmin, an American multinational technology company, was asked to pay $10 million to its hackers.
The company suffered a worldwide outage in July of 2020, which disabled customers from accessing their connected servers, including its smartwatches and aviation products. Garmin was targeted by WastedLocker, ransomware credited to a Russia-based cybercriminal group called Evil Corp.
Four days after the outage, Garmin started restoring its services. While the company did not publicly confirm whether they paid the ransomware, sources such as Bleeping Computer suspect they must have obtained a decryption key, which would have required them to pay the ransom to the cybercriminals.
The next biggest ransom payout to cybercriminals in 2020 belongs to a business travel management company CWT Global. The company was also initially asked to pay a ransom of $10 million. However, it negotiated the payment down to $4.5 million.
Hackers attacked the firm in July, the same month as the Garmin attack took place. Cybercriminals behind the attack used Ragnar Locker, a specific strain of ransomware that targets software used by managed service providers to prevent their assault from being detected.
Travelex, a British foreign exchange firm, rounds out the top three companies in this list. Initially, the criminals requested a $6 million ransom in Bitcoin. However, Travelex agreed to pay just a little over the third of the original sum and settled for $2.3 million.
The Sodinokibi gang, also known as REvil, is said to be responsible for the attack. The group claimed to have accessed Travelex’s network, as well as downloaded and encrypted 5 GB data.
Other organizations that paid a significant ransom to cybercriminals last year include the University of California San Francisco ($1.14 million), as well as Communications and Power Industries ($0.5 million).
It is hard to predict whether this year’s ransomware attack levels will surpass the ones of 2020. However, as global companies continue to fall into the traps of ransomware attacks, it is safe to say they are not going anywhere.
If you are interested to learn more about ransomware trends in 2020 or how you can protect yourself and your organization from such attacks, check out our other articles on the topic:
Average ransom payout jumped 178% in a year
56% of organizations suffered a ransomware attack in the last 12 months
Global ransomware attacks surged by 110% at 34 million Year-on-Year