Skip to main content

Ransomware operators demanding greater ransom fees

(Image credit: Pixabay)

In the first quarter of the year, ransom fee demands made by ransomware operators have seen a significant rise, claims a new report from Coveware.

According to the ransomware recovery firm, ransom fees grew by 33 percent quarter-on-quarter, and the average ransom payout sits at $111,605 - paid mostly by large enterprises.

The report explains cybercriminals primarily target large enterprises and small to medium-sized businesses - those with sufficient financial firepower to survive a ransom payout.

Smaller businesses tend to pay smaller ransoms, with the average payment made by such businesses falling at $44,021, up slightly from $41,179 in Q4 2019.

“Large enterprise ransom payments are the minority by volume, but the size of the payments dramatically pulled up the average ransom payment,” said the report.

Not only do cybercriminals encrypt files on the target network, but they also download the data to use as leverage if the business attempts to restores systems via a backup.

The most potent ransomware families remained the same: Sodinokibi, Ryuk and Phobos. Sodinokibi holds a quarter of the market share (26.7 per cent), while Ryuk holds 19.6 per cent, Coveware claims.

However, the Mamba ransomware (also known as HDDCryptor) also demonstrated significant growth.