Were it not for a single ransomware group and its enormous demands, average and median ransom figures would have been lower in Q1 2021, compared to previous quarters.
However, the average ransom payment rose 43 percent, and the median ransom payment rose 59 percent, quarter-on-quarter.
This is according to a report from ransomware recovery company Coveware, which states that the average ransom payment hit $220,298 in Q1, while the median ransom payment reached $78,398.
Ransomware payments have been on the decline for the past couple of quarters, but CloP, a group that was “extremely active” during Q1, targeting large victims with very high ransom demands, pulled up the averages significantly.
The report also says that the industry had reached an inflection point; the majority of attacks now involve the theft of corporate data, and the threat of that data being published online if the victim does not pay up.
However, organizations aren’t discouraged and a growing number of victims are refusing to pay, Coveware claims.
“Over hundreds of cases, we have yet to encounter an example where paying a cybercriminal to suppress stolen data helped the victim mitigate liability or avoid business/brand damage,” the company said. The report further states that paying creates a “false sense of security, unintended consequences and future liabilities”.
Organizations are advised not to pay, because it doesn’t guarantee the safe return of data, nor that the threat actor (or a third party) will not publish the data anyway. It also doesn’t guarantee that the same threat actor (or a different one) won’t initiate another attack in the future.
Instead, organizations should educate their employees on the dangers of phishing and social engineering, and set up a strong cybersecurity defense mechanism as well as a backup solution.