In the UK, payments by companies to ransomware programs have almost doubled over the past year.
Sophos, a British firm specializing in cyberspace security, reported that in the first half of 2022, the average payment within the framework of this commercial interaction based on illegal practices was 812 thousand dollars. This year, the average size of the relevant transactions has grown to $2.1 million. This indicator exceeds the global average.
More than a quarter of the companies that took part in a global survey on the relevant topic reported that they transferred from $1 million to $5 million to extortionists. The average payout of firms whose annual revenue exceeds $ 5 billion, is about $ 2.5 million.
Sophos claims that the dependence of the transaction size on the financial capabilities of the company is natural in the sense that extortionists focus on the solvency of the firm when formulating requirements.
Attacks that are carried out by using ransomware programs occur as a result of attackers gaining access to organizations’ computer systems. Criminals distribute malicious software in these systems and encrypt devices, blocking access to the data stored on them.
The attackers demand money in exchange for the return of access to the management of computer systems and their contents.
At the global level, in annual comparison, the intensity of the use of ransomware has not changed. In Singapore, 84% of participants in the Sophos international survey reported similar attacks since the beginning of 2023. This is the highest level in the world. The lowest rate of the intensity of the use of ransomware was recorded in the UK, where 44% of respondents reported such cases. At the same time, the financial losses of British companies as a result of the attacks are among the highest.
Ransomware is most often used against educational institutions. According to experts, this state of affairs indicates a lack of resources and technologies to combat such attacks in this industry.
Experts also say that the degree of probability of criminal activity against a company depends on its income. The more money a firm has, the higher the risk of an attack.
Research shows that in 30% of cases, malicious software penetrates computer systems using phishing emails that are sent via email. The person follows the link specified in the letter, after which the dangerous program automatically starts downloading. Also, 30% of such attacks are aimed at stealing personal data.
Many organizations whose personal information was blocked have regained access to data using backup systems. At the same time, 46% of companies paid a ransom. The survey results show that 10% of firms that transferred money to criminals did not receive the data back.
As we have reported earlier, Briton Pleads Guilty in US to 2020 Twitter Hack.