Nearly 50% of ransomware-hit organisations are US-based
New research data shows that 45% of organisations hit by ransomware in 2020 are based in the US. This is according to data presented by the Atlas VPN.
Enterprises all over the world are being held hostage by ransomware, and many choose to pay criminals because the expense of downtime and loss of reputation if the consumer data goes public outweighs the ransom.
The data was collected from publicly available websites as well as those on the dark web. The dataset included 337 victims from 56 different industries in five regions and 39 countries.
Surprisingly, out of 337 ransomware victims last year, 151 (45%), were operating in the US. US organisations are extremely profitable for hackers. They reach a wider market than most other countries, which often means that they have more resources. Moreover, having more employees, contractors and using more services creates a broader attack surface for hackers to exploit.
On a similar note, 39 (12%) of businesses in Canada got trapped by ransomware and were forced to pay up. Third on the list is Germany, where 26 (8%) organisations suffered from a ransomware attack. Fourth is the United Kingdom, and fifth is France, where 17 (5%) and 16 (5%) businesses respectively have been a victim of a ransomware attack.
Ransomware is a lucrative market. The average ransom paid by organisations in the United States, Canada, and Europe rose by 171% from $115,123 (€95,723.05) in 2019 to $312,493 (€259,833.24) in 2020.
Double extortion on the rise
Several ransomware families have demonstrated their ability to exfiltrate data and use double extortion tactics, including NetWalker, RagnarLocker, DoppelPaymer, and several others.
Instead of only encrypting data on the victim’s computer, hackers also export files to their own computers in order to further compel the victim to pay the ransom. In case the ransom is not paid, criminals threaten to publish the data on leak sites and forums that are operating on the dark web.
By far the most effective ransomware family is NetWalker, which was used in 33% of attacks last year. Interestingly, the FBI has already taken the matter into their own hands and took down the site on the dark web that was providing NetWalker ransomware for sale as a service.
During the FBI’s investigation, a Canadian national Sebastien Vchon-Desjardins of Gatineau was charged in the Middle District of Florida. He is alleged to have obtained over $27.6 million (€22.95 million) as a result of the offenses charged in the indictment.