Here are the most expensive Ransomware attacks in 2020
Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment.
According to a research conducted by Cybersecurity firm Emsisoft, businesses around the world which became victims of ransomware attacks reportedly spent at least $144.2 million on mitigating the repercussions of the attack and this includes network rebuilding costs, investigation expenses and backed up data restoration.
And some of the costliest ransomware attacks which took place in 2020 are lined up below-
ISS World, a demark based company announced in March this year that the ransomware attack that impacted its email servers in February 2020 leaving hundreds of employees without access to their systems and email had cost it $74 million which includes regaining control of the affected IT systems and re-launching critical business systems.
The cognizant ransomware attack that occurred in April 2020 is said to have cost the company anything between $50 million to $73 million and this includes the legal and consultation costs, data recovery costs along with the financial loss expected to be reflected in the earnings of the second quarter in 2020.
The February 8th, 2020 ransomware attack that took place on UK’s Redcar and Cleveland Council is said to have disrupted the company’s network, tablets, computers, and mobile devices for 3 full weeks. In March 2020, the council released a press statement that it could take months for the recovery and might cost it anywhere between $14 million to $21 million.
On the 2020 New Years’ Eve, renowned money exchange firm Travelex stated that a file-encrypting malware attack has shut its internal networks, website, and few of the apps for several weeks. And in April this year, The Wall Street Journal stated that it paid $2.3 million in the form of 285 BTC to hackers to free up its locked data.
The ransomware attack that was launched at the University of California San Francisco (UCSF) is said to have impacted students who were trying to access the servers storing research and academia related information of the School of Medicine. While the hackers demanded $3 million in BTC, the authorities negotiated it and paid the cyber crooks $1.14 million approx in exchange for the decryption key.
A phishing attack launched on the network of the California based firm Communications & Power Industries (CPI) is said to have locked the data storing servers from access. And authorities of the said company reportedly paid $500,000 to obtain a decryption key that was used to unlock the data stored on the servers- mostly related to US Military and Aegis, a company related to Lockheed Martin.
On Feb 23rd of this year, La Salle County government servers were infected by a file-encrypting malware disrupting the access to email accounts and access to sensitive documents. As the authorities did not want to bow down to the ransom demands of hackers, they chose to recover data by other means and is expected to cost more than $500,000. However, the good news is that the county was covered by a cyber insurance policy and so most of the costs- say 85%- are expected to be paid by the insurance company.
Grubman Shire Meiselas & Sacks which offers legal consultation services to some of the reputed celebrities around the world were infected by file-encrypting malware developed by the REvil also known as Sodinokibi ransomware group which stole around 765GB of data and threatened the company to sell it online. After the firm decided to pay $365,000 to receive the stolen documents the hackers started to demand $42 million to free up the data. From then on the company kept silent on what it has paid or will pay giving raise to several media speculations.
In a ransomware attack that took place on January 22nd of 2020, Tillamook County witnessed the disruption of its email network, websites, and phone systems along with 280 county’s workstations. Since the recovery costs were well going over the demanded sum of $300,000, the county officials chose to pay the ransom to REvil ransomware group that was behind the incident.
On May 6th of 2020, a ransomware gang targeted the windows 10 servers at Florence, Ala prompting the mayor to pay $291,000 in BTC after several negotiations.
As San Miguel County of New Mexico was targeted by a ransomware group on February 6th of 2020, the authorities were forced to pay $250,000 in BTC for the recovery of data.
Here are also Most commonly reported ransomware strains
- STOP (Djvu): 70.20%
- Phobos: 9.70%
- Dharma (.cezar): 8.00%
- REvil / Sodinokibi: 3.50%
- Globeimposter 2.0: 2.30%
- Magniber: 1.80%
- Rapid: 1.70%
- Rapid 2.0 / 3.0: 1.00%
- Zeppelin: 0.90%
For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.