Ransomware payments surge despite dwindling attacks

Organizations impacted by ransomware intrusions paid an average ransom of $3.6 million this year, which is 44% higher than last year, despite a nearly 25% year-over-year decline in ransomware incidence, with the healthcare and government sectors providing the highest ransoms, according to Infosecurity Magazine.

More sophisticated ransomware operations and an increasingly broad attack surface have fueled the surge in ransom payments, a report from ExtraHop revealed. Public cloud infrastructure, third-party integrations, and generative artificial intelligence apps were noted as the leading attack surfaces, while phishing, software flaws, and supply chain compromises were the primary intrusion vectors.

Additional findings showed that ransomware incidents usually caused almost 37 hours of downtime and were commonly contained in over two weeks, with response and recovery efforts hindered by inadequate visibility and talent, as well as alert fatigue.

Combating mounting ransomware damage necessitates immediate attack surface mapping and vulnerability discovery, internal network traffic monitoring, and vigilance on novel attack techniques, noted ExtraHop.