The most notable ransomware trend in Q1 2021 was the great majority of ransomware attacks involved the theft of corporate data and the subsequent threat to leak the stolen information. However, the research found that the companies that paid the ransom to cybercriminals gained very little in return.

Ransom Payments Futile

Prior to the ransom payment, studies have found that stolen data was not secured and has already been in the possession of several parties. Companies that have been breached will not know whether or not their stolen data has not already been destroyed, misplaced, sold, or traded. Moreover, they can never be sure that their company won’t be subject to another extortion demand in the future.

It may also be the case that stolen data may have already been leaked and circulated prior to the victim being able to respond to a ransom demand. Cybercriminals also may not provide a complete inventory of the data that was stolen even if the organization decides to pay the ransom.

More Victims Refusing to Pay Ransom

Experts are heartened that a growing number of ransomware victims are refusing to comply with extortion demands. This is because their research has found that in hundreds of cases they have not found an instance where a ransom payment intended to secure stolen data helped a company mitigate liability or avoid brand damage and economic losses. In stark contrast, the payment of ransom typically led to unintended negative consequences, created a false sense of security, and resulted in future liabilities.

Other Ransomware Trends of Q1 2021

During Q1 of 2021, the average ransom payment climbed to $220,298, a rise of 43% from Q4 2020. Much of the increase can be attributed to cybercrime gangs deploying a variant of the Clop ransomware program.

Small businesses are being disproportionately victimized by ransomware attacks.

Firms in the professional services industry, such as accounting and law firms, are now being increasingly targeted by ransomware attackers. Healthcare and public sector organizations are also being heavily victimized.

Average downtime resulting from a ransomware attack has grown to 23 days.

RDP (Remote Desktop Protocol) compromise continues to be the most typical attack vector. However, it is closely followed by email phishing and software vulnerability exploitation.

Alpha Business Support

Choosing an expert computer technology-support provider is an important decision for your business. Alpha has been a trusted partner of many companies in the Washington, D.C., Baltimore, and Annapolis areas since 1990. For affordable client-focused network consulting services and solutions, please call Alpha today at (410) 295-9500.