Average ransomware payments more than double in value

Coveware says ransom has climbed to over $80,000

The average ransom demanded by cybercriminals when committing a cyberattack more than doubled in Q4 last year, according to Coveware.

The cybersecurity company said that the average payment rocketed 104 per cent to $84,116 (£64,408).

Coveware said that the sharp increase is a result of an increased focus on larger enterprises, resulting in larger ransom demands.

The firm said that one strain of ransomware, Ryuk, reached a new payment high of $780,000.

Covewire provides ransomware incident response services and in some cases recommends that attacked businesses pay the ransom to retrieve their data, with its team carrying out "extortion negotiation" on behalf of victims.

It claimed that there was a 98 per cent payment success rate in Q4, meaning that decryption tools were sent to the affected businesses in the vast majority of cases.

On average these companies were able to decrypt 97 per cent of their data.

Coveware said that it sees "better outcomes" when dealing with more sophisticated attackers because they tend to be careful during the encryption process.

"Less sophisticated attackers have a higher likelihood of deploying payloads in an irresponsible manner that corrupts data beyond recovery," it explained.

"We have seen certain ransomware-as-a-service groups become very selective about who they allow to become a distribution affiliate.

"This can limit the scope of their earnings but allows them to control the reputation of their ransomware, which in the long run may result in higher profits from their criminal efforts."

Coveware said that over half of ransomware attacks were triggered through vulnerabilities in the Remote Desktop Protocol (57.4 per cent), with email phishing accounting for over one quarter (26.3 per cent).