wonderfully unique software solutions

Cybercriminals ignore ransom and release victim data anyway: report

Paying the ransom in a ransomware attack is looking less likely to protect sensitive data than ever, according to the Q3 Coveware update.

“Trust that stolen data will be deleted is eroding as defaults become more frequent, when exfiltrated data is made public despite the victim paying,” explains Coveware in the quarterly report. “Victims should assume it will be traded to other threat actors, sold, or held for a second or future extortion attempt.”

The mean ransom payment has risen 31% from Q2 to $233,817, and the median to $110,532, up two percent from Q2, as attackers target larger firms.

Coveware has learned that ransomware demands are continuing to increase alongside data exfiltration and Maze/Egregor fork group activity. The original Ryuk group has also returned to the ransomware scene, it said.

“It is also possible that the influx of remote and work-from-home setups using RDP and other remote technologies allowed threat actors to leverage attack vectors that previously didn’t exist,” according to Coveware.

Yet a previous NinjaRMM and Coveware report also found that a majority (86%) of IT professionals may consider ransomware a near-existential threat, according to a write-up on ITProPortal.

“Since June 2019, managed services providers (MSPs), IT service consultants and hosting providers have been increasingly targeted by ransomware actors,” according to a NinjaRMM/Coveware survey released in July.

“These attacks target the service provider’s remote management tools to increase the blast radius of the attack. When the attack is successful, every downstream endpoint at every client of the service provider is impacted.”

Remote monitoring and management (RMM) platform NinjaRMM is targeting MSPs and IT professionals with integrated file, folder and image backup via Ninja Data Protection.

Sal Sferlazza, chief executive at NinjaRMM, said the Ninja Data Protection release helps extend and simplify backup across remote and on-site workforces, promising minimal configuration requirements when speedy responses are needed — for example during a ransomware attack.

“The native integration with our RMM platform also means that managing those backups essentially requires zero additional management burden,” he said in the announcement. “We believe we are bringing one of the most reliable and easy-to-use backup solutions to the market.”

Read more about how backup tools in particular can protect against ransomware.

(Photo by Kristina Flour on Unsplash)

Recent Articles

Usecure builds security awareness focus, adds platform functionalities

MSP-focused security vendor Usecure is continuing to expand the capabilities of its human risk management focused software for partners.

Phishing attacks still plague common file types, Hornetsecurity warns

Phishing via archive, HTML, Excel or PDF files remain the leading email-based cyber attack on organisations, according to cybersecurity specialists at Hornetsecurity.

How TechSmith video-based learning can boost diversity and inclusion

When Hillsborough Community College in the USA wanted to create a remote-learning platform to assist students who use sign language, it turned...

Opswat uprates security for AWS partners in the cloud

Operations tech (OT) and industrial cybersecurity vendor Opswat, maker of MetaDefender, has been expanding and deepening its relationships with Amazon Web Services...

TeamViewer and Siemens to collaborate on augmented, mixed reality

TeamViewer is teaming up with Siemens on augmented and mixed reality (AR/MR) for the product lifecycle management space. The...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox