Companies victimized by ransomware attacks paid an average of $84,116 in the fourth quarter of 2019, up from $41,198 in the prior quarter, according to a study by security firm Coveware.
This doubling reflects the “diversity of the threat actors,” and the use of variants such as Ryuk and Sodinokibi in the enterprise space, the report states.
It also clearly demonstrates the need for firms to protect themselves against malicious emails through security systems and staff training.
Ryuk ransom payments reached a high of $780,000 for victimized enterprises. Smaller ransomware-as-a-service variants like Dharma, Snatch and Netwalker demand as little as $1,500.
On the positive side, if there is one, 98% of the firms that paid the ransom received a working decryption tool from the attacker. Without such a tool, there is zero data recovery.
But the tools apparently work— victims who paid recovered 97% of their encrypted data. Perhaps counter-intuitively, Crossware says it sees better outcomes with more sophisticated attackers.
The average downtime from a ransomware attack was 16.2 days in Q4 of 2019, up from 12.1 days in the third quarter.