Ransomware threats keep growing. 2021 was a significant year for ransomware, with high-profile attacks against governments, healthcare entities, and businesses, among others. Ransom payments surged alongside the attacks in the same year, and Palo Alto Networks' Unit 42 has published a report detailing the trend.

Some stats your way

  • The average ransom demand rose 144% to $2.2 million.
  • The average ransom payment rose 78% to $541,010. 
  • The Americas was the most affected region at 60%, followed by Europe, the Middle East, and Africa at 31%, and the Asia Pacific at 9%. 
  • Professional and legal services accounted for 1,100 victims, while the construction sector accounted for 600 victims.
  • Posts on name-and-shame sites on the dark web increased by 85%.

Specific stats related to ransomware groups

  • Conti was the most active group last year. The group’s demands averaged $1.78 million for the entire year and the top initial demand was $3 million.
  • REvil followed Conti as the second most active group with an average initial demand of $2.2 million.
  • Thirty-five new ransomware gangs popped up in 2021.

RaaS takes the wheel

  • The rise in average ransomware payment was mostly driven by RaaS models that reduce barriers to entry by selling startup kits and support kits. 
  • These business models provide a plethora of easy-to-use tools and services, which make deploying ransomware an extremely easy task. 
  • The newly found Sugar ransomware is being offered to threat actors as a RaaS. It asks for a ransom of $4.01 in BTC.   
  • The prolific BlackCat, aka ALPHV, is another RaaS that uses the double extortion tactic. Its ransom demands range from a few thousand to $3 million in Monero or Bitcoin. 

The bottom line

It goes without saying that the ransomware landscape will continue evolving as new groups emerge and old ones upgrade their arsenals. Preparation is therefore key to preventing these kinds of attacks. Let’s start with good cyber hygiene, enforcing security awareness training, and leveraging threat intelligence.

Cyware Publisher
