Ransomware payments hit new records in 2021 as cybercriminals increasingly turned to Dark Web ‘leak sites’ where they pressured victims to pay up by threatening to release sensitive data, according to research released from Unit 42 by Palo Alto Networks.
The average ransom demand in cases worked on by Unit 42 incident responders rose 144% in 2021 to US$2.2 million, while the average payment climbed 78% to US$541,010, according to The 2022 Unit 42 Ransomware Threat Report.
The most affected industries were professional and legal services, construction, wholesale and retail, healthcare and manufacturing.
“In 2021, ransomware attacks interfered with everyday activities that people all over the world take for granted – everything from buying groceries, purchasing gasoline for our cars to calling 911 in the event of an emergency and obtaining medical care,” said Jen Miller-Osborn, Deputy Director, Unit 42 Threat Intelligence.
The report describes how the cyber extortion ecosystem grew in 2021, with the emergence of 35 new ransomware gangs.
The number of victims whose data was posted on leak sites rose 85% in 2021, to 2,566 organizations, according to Unit 42’s analysis. A total of 60% of leak site victims were in the Americas, followed by 31% for Europe, the Middle East and Africa, and then 9% in the Asia-Pacific region.