Content, Content

Coveware 3Q20 Ransomware Report: Average, Median Ransom Payments Up

Cyber ransom demands rose in the third quarter of 2020, according to the "Quarterly Ransomware Report" from ransomware recovery company Coveware.

Notable findings from Coveware's report included:

  • The average ransom payment was $233,817 in the third quarter, up 31 percent from 2Q20.
  • The median ransom payment was $110,532, up 2 percent from the prior quarter.
  • 61 percent of ransomware victims reported annual revenues of less than $50 million.
  • Sodinokibi (16.2 percent) was the most-prevalent ransomware during the quarter, followed by Maze (13.2 percent) and Netwalker (9.9 percent).
  • Nearly half of all ransomware cases included the threat to release exfiltrated and encrypted data.
  • Remote Desktop Protocol (RDP) compromise ranked first among ransomware attack vectors, followed by email phishing and software vulnerabilities.
  • Professional services (25 percent) was the most-common industry targeted during ransomware attacks, followed by the public (12 percent) and healthcare (11 percent) sectors.

Cybercrime tactics, techniques and procedures (TTPs) are evolving, and organizations must plan for ransomware and other advanced cyberattacks. In its "2020 Cyber Threatscape Report," Accenture indicated that the following factors could affect the cyber threat landscape going forward:

  • Ransomware: Organizations must prepare for new ransomware strains that target remote workers.
  • Coronavirus (COVID-19) Pandemic: Organizations must implement security controls to ensure employees can work safely during the pandemic and after it ends.
  • Business Continuity: Organizations must use threat intelligence to stay ahead of cyberattacks and avoid data breaches that cause service interruptions and downtime.
  • Threat Detection: Organizations must understand commonly cybercriminal tools and techniques and map out their security plans accordingly.
  • Device Management: Organizations must regularly patch and test end-user devices and leverage technologies and tools to consistently manage them.

Cybercrime is ongoing, but MSSPs can help global organizations guard against cyberattacks. By partnering with MSSPs, these organizations can deploy security controls to minimize the impact of cyberattacks now and in the future.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.