Ransomware Payments Hit Record Highs in 2021
In 2021, ransomware payments hit new records as cybercriminals leveraged Dark Web “leak sites” by threatening to release sensitive information if victims didn’t pay up. According to Palo Alto Networks, the average payment last year was $541,010, up 78% from 2020. This was fueled in part by the spread of ransomware-as-a-service (RaaS) business models that reduce barriers to entry for cyber extortionists. The biggest targets included healthcare, professional and legal services, wholesale and retail, construction, and manufacturing. Threat actors regard the organizations operating in these industries as “critical infrastructure.”
Ransomware attacks show no signs of slowing down in 2022 and beyond. Ransomware tactics and techniques continue to evolve, and last year we saw the emergence of 35 new ransomware gangs. The Conti ransomware group was responsible for the most activity, accounting for 20% of cases analyzed in the 2022 Unit 42 Ransomware Threat Report by Palo Alto Networks. Ransomware attacks have grown more frequent in recent decades, in part due to the rise of cryptocurrencies. The Senate Committee on Homeland Security and Governmental Affairs cited estimates by a cybersecurity company that there were 623 million such attacks worldwide in 2021.
U.S. companies alone were the number one target of ransomware hackers, facing 421 million attempted breaches — an increase of 98% compared with 2020. The most common tactics used were phishing scams, remote desktop protocol exploitation, and entry through software weaknesses. After the start of the Covid-19 pandemic, the widespread shift to remote work and schooling “expanded the remote attack surface and left network defenders struggling to keep pace with routine software patching,” says the FBI.
The Rise of Quadruple Extortion
Last year, ransomware groups took tactics such as double extortion to a new level, deploying “multi-extortion techniques” designed to heighten the cost and immediacy of the threat. Quadruple extortion is one disturbing trend identified by Unit 42 consultants, in which ransomware operators reach out to a victim’s customers and stakeholders directly, adding more pressure. The four most common techniques for pressuring victims into paying include:
- Encryption: Victims pay to regain access to scrambled data and compromised computer systems that stop working because critical files are encrypted.
- Data Theft: Hackers expose sensitive information if a ransom is not paid.
- Denial of Service (DoS): Ransomware groups launch denial-of-service attacks that shut down a victim’s public websites.
- Harassment: Cybercriminals contact customers, business partners, employees, and media to tell them the organization was hacked.
While it’s rare for one organization to be the victim of all four techniques, ransomware operators have been engaging in additional approaches when victims don’t pay up after data encryption and theft. In 2021, cybercriminals released the names and proof of compromise for approximately 2,500 victims — up 85% from the previous year. RaaS sponsors sell startup kits and support services to emerging threat actors, which makes launching ransomware attacks almost as easy as using an online auction site.
The Ransomware Trajectory
The ransomware crisis will continue to gain momentum over the coming months, as cybercrime gangs refine their tactics and find new ways to inflict greater damage on victims. Long-term effects go far beyond the actual cost of the ransom to include a wide range of ancillary costs, such as lost productivity, reputational damage, remediation, and more. So far this year, Palo Alto Networks has observed groups including NetWalker, SunCrypt, and LockBit taking in payments ranging from $10,000 to $50,000. Large businesses that lack proper resources are encouraged to invest heavily in cyber security sooner rather than later.
Defend Against Ransomware in 2022 With Mindcore
At Mindcore, our cyber security specialists in New Jersey and Florida have years of experience defending companies against online threats. We will work closely with you to build a strategy based on your unique needs and goals, using penetration testing, vulnerability assessments, and more. Contact us today with any questions about our cyber security services or to schedule a consultation with a member of our team.
Frequently Asked Questions
What is ransomware-as-a-service?
Ransomware-as-a-service is a cybercrime business model where experienced attackers provide ransomware tools, infrastructure, and support to affiliates in exchange for a share of ransom payments.
Why are ransomware attacks increasing?
Ransomware attacks are increasing due to the growth of remote work, unpatched vulnerabilities, phishing campaigns, cryptocurrency-based payments, and the availability of RaaS platforms that lower the barrier to entry for attackers.
What is quadruple extortion in ransomware attacks?
Quadruple extortion combines multiple pressure tactics such as data encryption, data theft, denial-of-service attacks, and public harassment of customers or stakeholders to force victims into paying ransom demands.
What industries are most targeted by ransomware groups?
Healthcare, manufacturing, construction, legal services, retail, and other critical infrastructure industries are frequently targeted because operational disruption in these sectors can create strong pressure to pay ransoms quickly.
How can businesses reduce ransomware risk?
Businesses can reduce ransomware risk through employee phishing awareness training, vulnerability management, endpoint protection, network segmentation, backups, multi-factor authentication, and continuous cybersecurity monitoring.
Ransomware Defense and Cybersecurity Resilience Expertise from Matt Rosenthal
Matt Rosenthal, CEO of Mindcore Technologies, has extensive experience helping organizations defend against ransomware attacks, cyber extortion campaigns, and evolving digital threats across complex business environments. His expertise in threat monitoring, penetration testing, vulnerability management, endpoint protection, incident response, identity governance, and managed cybersecurity services helps businesses reduce operational risk and strengthen cyber resilience. His leadership focuses on building proactive cybersecurity frameworks that improve visibility, strengthen operational continuity, reduce ransomware exposure, and support long-term organizational resilience against advanced cyber threats.