It pays
Attackers are more motivated than ever because successful attacks offer huge payoffs. The average ransom paid by organizations in the United States, Canada, and Europe increased from $115,123 in 2019 to $312,493 in 2020 — a 171% year-overyear increase. The average payoff for the first fiscal quarter of 2021 came in at $850,000. With numbers like these, it’s easy to see why ransomware continues to be a favorite criminal endeavor. In fact, since 2019, ransomware-related incidents have increased by 65%. The attack frequency will continue to grow; instead of an assault every 11 seconds, it’s estimated that one will occur every two seconds by 2031.
Meanwhile, although law enforcement agencies advise against it, organizations keep paying the ransom. It’s natural for companies to want to protect their data, and since the negative business impact of an attack often eclipses the ransom itself, paying up often seems the most cost-effective option.
It’s cheap
From the point of view of a cybercriminal, the costs of running a ransomware campaign are low. Today, an attacker can buy a prefab ransomware kit that contains everything needed to deploy and monetize an attack, including encryption services, the payload dropper, and obfuscation tools. A typical ransomware-as-a-service (RaaS) subscription starts at a little over $100 per month. More complex and powerful variants can cost thousands, but the payoff potential increases accordingly. Support plans are also included to ensure that attackers can extract the maximum value from the service
To read full download the whitepaper:
Why you can’t prevent ransomware
