Ransom Leak Sites Reveal 422% Annual Increase in Victims

Over three-quarters of consumers and cybersecurity professionals want to see ransom payments made illegal, as new figures showed a triple-digit year-on-year increase in victim organizations.

Mandiant claimed to have detected a 422% increase in victim organizations announced by ransomware groups on their leak sites between Q1 2020 and the first quarter of 2021.

That amounted to over 600 European organizations, with those in manufacturing, legal and professional services and retail most affected.

The new figures come as research from Talion revealed that 78% of UK consumers and 79% of security professionals believe payments to these groups should be banned by law.

It’s an increasingly controversial area, with many commentators blaming cyber-insurance policies for effectively bankrolling threat groups and encouraging more malicious actors to join the fast-growing ransomware cybercrime industry.

It recently emerged that corporate victims that pay up may even be able to deduct these sums from their US tax bills, providing another incentive to hand over money to cybercrime groups.

However, there have also been signs that things are shifting the other way: in France, AXA recently said that it would not be reimbursing policyholders for ransom payments.

The research was released to publicize a new #RansomAware initiative backed by the Research Institute for Sociotechnical Cyber Security (RISCS), which aims to encourage organizations to speak up about attacks.

Former National Cyber Security Centre (NCSC) CEO, Ciaran Martin, now professor at the Blavatnik School of Government, welcomed the initiative.

“We need to look at all the different reasons why ransomware is causing so much harm,” he said.

“That includes tackling the tough questions like the flows of money, including looking seriously at payment bans. But we need to provide more support for victims too, and help them protect themselves in the first place.”     

The Talion study also revealed that 81% of security professionals believe information sharing between victim organizations is key to building better defenses against ransomware.

What’s Hot on Infosecurity Magazine?