Not every victim of cybercrime looks for ransomware removal strategies. There are some who pay their attackers which cumulated to an average $6733 in the last quarter of 2018. This average amount was derived out of a total of 226 unique kinds of ransomware attacks and they were targeted towards both organization and individuals.
Higher Than Average Ransoms
The same data from the fourth quarter of 2018 revealed that some ransomware strains such as Ryuk and SamSam had started demanding ransom payments which were higher than average. These weren’t even a few infections – in fact they amounted to the greater portion of attacks in the quarter.
These ransomware strains, however, weren’t really the most prevalent forms of malware. The report found that the most common variants included extensions such as ‘.gamma’,’.adobe’,’.combo’, GlobelImposter and even GandCrab.
The Increased Preference of Bitcoin
As was noticed in the end of 2018 and was predicted for 2019, cyber criminals still prefer to be paid in bitcoin. According to the findings of ransomware removal companies 95% of all cyber criminals had demanded their payments in Bitcoin while the rest had switched to platforms like dash.
The report explained this by saying that bitcoin wallets tend to be anonymous which is probably why they are preferred by the perpetrators. That said, these transactions are quite traceable. As opposed to dash, as was seen in the case of GandCrab, the transactions have much more anonymity.
They Keep Targeting Backups
Security and ransomware removal experts have been urging computer users to keep backups of their systems and data. This is so because wiping the system is known to be the best cure against ransomware and system restore is made much easier with backups available.
That said, cyber criminals have also started targeting mounted backups. These are those types of backups that are connected to systems or network servers – which makes them easy to infiltrate. This is why ransomware removal specialists have advised users to switch to backup sources that are completely disconnected from systems.
75% of all the ransomware victims who had ended up paying their attackers had no external backups. This resulted in their data and systems being completely locked and disconnected. This is why we recommend computer users to implement proper forms of network portioning and allowing least privilege forms of administrative access in order to avoid getting compromised.
