Percentage of ransomware demands paid falls sharply
Reprints
The ratio of ransoms demanded to those paid is declining steadily despite criminals’ efforts to double extort victims, according to a report issued Thursday.
The percentage of ransomware paid decreased to 12% in the third quarter, compared with 44% for the same period last year, according to the report issued by Boston-based Corvus Insurance, a unit of Corvus Insurance Holdings Ltd.
“Organizations have generally become better prepared to handle ransomware. Improvements to system backups are the major factor enabling victims to stand up to criminals with confidence,” the report said.
“More robust backups strategies include both better protected internal backups as well as offsite backups that act as a failsafe.”
The report also said ransomware’s frequency dropped by 50% in the second quarter from the first quarter and was sustained through the third quarter. This was likely linked to the shutdown of two prolific ransomware groups, Darkside and REvil.
The report pointed to companies’ improved security measures. The overall presence of accessible remote desktop protocol, which is a legacy method of providing remote access to computers or servers that is vulnerable to credential compromise, has dropped by nearly 50% within a year, the report said, thanks to security practitioners’ efforts and scanning software.
However, there was variation depending on the industry, it said. While most industries saw an 80% decline, including a 76% decline by insurance agents and brokers, a few, including retailers and restaurants, saw increases in accessible RDP which the report said is likely because of “how rare remote work was for the industries before COVID-19.”
