Ransomware operators are constantly evolving and gaining higher profits from their attacks. With the ongoing trend of such attacks, it is expected that the attacks will not slow down in the coming year.

What’s going on?

  • With businesses paying high ransoms, ransomware operators are motivated to pursue this line of attack even more. Attackers are expected to get more dangerous with sophistication in their TTPs and ease of access to hacking tools.
  • Experts anticipate that ransomware attacks with the threat of data exposure are to be observed in the coming year. These types of attacks will ultimately result in regulatory compliance issues for victims.
  • Weakly protected RDP services and phishing emails with weaponized attachments are still the most popular attack vectors.

Current trend

  • The average ransom demand has doubled over the years.
  • Ransomware families have started collaborating with each other for better efficiencies and greater opportunities.
  • Topical events, such as the COVID-19 pandemic, are being weaponized to craft malspam.


  • The FBI and other government agencies have been asking organizations to not pay ransoms. However, companies have been seen negotiating and paying the ransom to get their data back.
  • As long as payments are made and companies agree to pay double and triple the initial ransom demand, targeted ransomware attacks will continue even beyond 2021.

The bottom line

Ransomware operators are expected to refine the strategies that are already successful, instead of developing newer ones. Thus, in 2021, organizations should expect more targeted attacks, especially on large firms that have a lot to lose.

Cyware Publisher