Ransomware Payments Hit New Records in 2021 as Dark Web Leaks Climbed, According to New Report from Palo Alto Networks Unit 42

11 months ago · 0 comments

Average ransom demand increased from 144% to $2.2 million.

Average payment grew from 78% per cent to $541,010.

Posts on name-and-shame Dark Web leak sites rose 85%.

Ransomware revenues hit new records in 2021 as cybercriminals increasingly shifted to Dark Web "leak sites" where they pressured targets to pay up by terrorising to release discreet data, according to research from Unit 42 by Palo Alto Networks. 

The average ransom demand in topics worked by Unit 42 happening responders rose 144% in 2021 to $2.2 million, while the average earnings climbed 78% to $541,010, according to The 2022 Unit 42 Ransomware Threat Report. The most affected industries were Skilled and Legal Services, Construction, Wholesale and Retail, Healthcare, and Manufacturing.

"In 2021, ransomware attacks interrupted with everyday actions that people all over the world take for granted– everything from purchasing groceries, buying gasoline for our cars to calling 911 in the event of a crisis and obtaining medical care," said Jen Miller-Osborn, deputy director, Unit 42 

Threat Intelligence.

The Conti ransomware mob was responsible for the most activity, accounting for more than 1 in 5 cases performed by Unit 42 consultants in 2021. REvil, also known as Sodinokibi, was No. 2  at 7.1%, pursued by Hello Kitty and Phobos (4.8% each). Conti also published the names of 511 organisations on its Dark Web leak site, the most of any group.