Ransomware victims who pay subsidise future attacks
Although only 10% of ransomware victims pay their extorters, doing so is enabling attacks on numerous other organisations, according to research from Trend Micro.
A new report published by the company found that victims who pay a ransom are covering the operational costs for those who refuse to, with each payment to ransomware attackers subsidising nine further attacks.
Some ransomware attacks are more lucrative for the culprits than others, with rates of ransomware payments for LockBit- and Conti-based attacks growing to 16%, compared to only 8% for the DeadBolt ransomware.
Trend Micro attributes the variations to different attack methods, with the LockBit and Conti ransomware groups having a history of highly targeted attacks.
Those victims who do pay up are most likely to pay pretty quickly after a successful attack, Trend Micro said. A survivor analysis of the DeadBolt ransomware found that over 50% of successfully extorted victims paid within 20 days, with 75% paying within 40 days.
But paying a ransom often only results in driving up the overall cost of the incident rather than sparing victims the consequences of the attack.
The study also found that ransomware monetisation activities are at their lowest in January and July–August, suggesting that defenders may want to use these times to rebuild infrastructure and prepare for future threats.
CrowdStrike to buy Adaptive Shield
CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...
LockBit named nastiest malware of 2024
LockBit, a ransomware malware known to have been used to attack Australian targets, has been...
Extreme Networks launches ZTNA solution
Extreme Networks' new ExtremeCloud Universal ZTNA solution combines cloud network access...
