Cyber crime victims have handed over more than $140 million to ransomware attackers since 2014, a new study by the Federal Bureau of Investigation (FBI) found.
The law enforcement agency said it arrived at the payout figure by analyzing bitcoin wallets and ransom notes. Ryuk at $61.3 million brought cyber extortionists more money than any other ransomware variant, followed by Crysis/Dharma at $24.5 million and Bitpaymer at $8 million. (Note: Emcor, a $9 billion construction services and energy infrastructure enterprise, has just been hit with a Ryuk ransomware attack.)
Another recent study figured that ransomware demand costs could exceed $1.4 billion in the U.S. in 2020. At this point, the average ransomware demand is about $84,000 with one-third of victims paying the ransom, security specialist Emsisoft said.
FBI special Agent Joel DeCapua, who manages the FBI's strategy to identify and prosecute cyber criminals, shared the agency’s findings at the recent RSA Conference in San Francisco where he detailed how the agency used bitcoin wallets and ransom notes to figure out how much victims paid in ransom payments. (via TechRadar) According to DeCapua, between October 2013 and November 2019 approximately $144 million was paid in bitcoins to ransomware actors. The figure only includes shoveled out ransom payments. The actual number may be higher, the FBI reportedly said.
Windows Remote Desktop Protocol (RDP) is the door ransomware kidnappers prefer to wiggle into a network to launch an attack, accounting for some 80 percent of breaches, DeCapua said. He offered a number of security actions to limit risk to ransomware: (via TechRadar)
- Use Network Level Authentication (NLA) for users to authenticate themselves on the network before connecting to the remote desktop server.
- Set unique and complex passwords for RDP accounts.
- Install software and operating system updates, monitor networks.
- Establish a contingency plan with backups.