We’re thrilled to partner with Arete in this first major installment of new research focused on ransomware trends, and the financial exposure faced by past and future victims: Mitigating Ransomware’s Impact. This portion of the data contains nearly 1,300 completed ransomware engagements, including demands and payments totaling $797.7M and $218.4M, respectively. We explore specifics on ransom demands and payments, victims’ industry and implemented controls, likelihood to pay, reasons for payment, and more! In the future, we will dive deep into attacker actions, intrusion methods, and malware families.
Victims of ransomware often find themselves in an unenviable position, not unlike that of someone who needs to buy a car, but has no knowledge of a vehicle’s actual value, common sales and negotiation tactics, or their full range of alternatives. We seek to equip readers with exactly this information in the context of ransomware, and in so doing chip away at attackers’ bottom lines while helping organizations better weather—or repel—the next attack.
Cool; so how might this research help?
Shedding light on common negotiation tactics can reduce their manipulative effect. A better understanding of “true” payment norms and payment alternatives can reduce harm to victims and profits to criminals. And evidence about measures taken beforehand which can reduce impact–even when prevention fails–can help defenders prioritize.
If you have any stake at all in reducing risk posed by ransomware, you’re probably getting excited about hard data from the frontlines. Spoiler alert: there’s some good news ahead!
It’s no coincidence that we named the report the way we did. Mitigating ransomware’s impact is both the subject and goal of the first volume of our Investigative Cybercrime Series. We’re enormously proud of it, and we hope you’ll give it a read!