As reported by Security Affairs, a five-year study on the ransomware economy has revealed that over 30,000 exposed databases were targeted by ransom attacks, resulting in substantial damage even when victims did not pay.The Ransomnews Research Team's five-year study, spanning from May 2021 to May 2026, analyzed over 65,000 exposed databases, finding that 46.3% contained ransom or wipe notes. These compromised systems held more than 215 billion records, with data being stolen, wiped, or held for ransom. The study identified 514 unique attacker bitcoin wallets, with 318 showing no transaction history, indicating that the vast majority of victims did not pay. The total confirmed revenue across the dataset was approximately $753,000.The research highlights that the damage is inflicted regardless of payment, as data is often copied or deleted before the ransom note is even discovered. Exposed MongoDB and MySQL systems were compromised almost universally when found. The study also noted a shift from destructive attacks to extortion, as operators prioritize payment over data destruction for revenue. The findings underscore the need for robust security measures, such as avoiding direct public exposure of database ports and implementing strong authentication and network segmentation, as exposure often signifies that compromise has already occurred.Source: Security Affairs
Ransomware
Mass database extortion causes significant damage despite low payment rates

An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



