Current study of Palo Alto Networks Unit 42
Ransomware payments reached new records in 2021, as cybercriminals are increasingly resorting to “leak sites” on the Dark Web. By threatening to release sensitive data, they put pressure on their victims to make them pay. This is reported by Unit 42 of Palo Alto Networks (NASDAQ: PANW), the world’s leading provider of cybersecurity for companies, in the study published today.
- Average ransom demand increased by 144 percent to $2.2 million
- Average payment increased by 78 percent to $541,010
- 85 percent more posts on “name-and-shame” leak sites on the Dark Web
The average ransom demand in cases handled by Unit 42, Palo Alto Networks’ IT security analysts, increased by 144 percent to $2.2 million in 2021. The average payment increased by 78 percent to $541,010 over the same period, as evidenced by the current 2022 Unit 42 Ransomware Threat Report.
“In 2021, ransomware attacks disrupted everyday activities that people all over the world take for granted – from grocery shopping to refueling their cars to emergency calls and medical care,” explains Jen Miller–Osborn, Deputy Director of Unit 42 Threat Intelligence.
The Conti ransomware group was responsible for most of the activity, accounting for more than one in five cases that Unit 42 analysts had to deal with in 2021. REvil (also known as Sodinokibi) was in 2nd place with 7.1 percent, followed by Hello Kitty and Phobos (4.8 percent each). Conti has also published the names of 511 companies on its leak site on the Dark Web, more than any other group.
The report describes how the ecosystem of cyber extortion grew in 2021 with the emergence of 36 new ransomware gangs. He documents how criminal groups invested unexpected profits in developing tools that are easier to use in attacks that are increasingly exploiting zero-day vulnerabilities.
The number of victims whose data was published on leak sites increased by 85 percent to 2,566 companies in 2021, according to Unit 42’s analysis. About 60 percent of the leaksite victims were in North and South America, followed by 31 percent in Europe, the Middle East and Africa and with 9 percent in the Asia-Pacific region. The most affected vertical sectors were professional and legal services, construction, wholesale and retail trade, healthcare and manufacturing.