Welcome to the new 118 cyber warriors who joined us last week. Each week, we'll be sharing insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA stages.
Keep up with our weekly newsletters on LinkedIn — subscribe here.
Our weekly delivery of insights from the cybersecurity sector – including exclusive interviews with experts from the global Black Hat MEA community.
How much money threat actors are asking for when they execute ransomware attacks.
At the time of writing, the attackers who used breached credentials to target customers of the Snowflake cloud storage system are demanding payments from those victims (totalling at least 10 companies) of between USD $300,000 and $5 million.
According to the State of Ransomware 2024 report from Sophos, the average ransom payment has increased by 500% over the last year. Organisations surveyed for this report disclosed average payments of $2 million (up from $400,000 in 2023). And that’s before the cost of recovery after an attack – which reached $2.73 million.
Attackers are seeking large payoffs – but that doesn’t mean they’re only targeting companies with the highest annual revenues. While 63% of ransom demands from 2023-24 were for $1 million or more, and 30% were for more than $5 million, nearly half (46%) of organisations with revenue of under $50 million received a ransom demand of seven figures.
Not all ransomware groups are making such expensive demands, though. The Phobos strain, for example, yielded median ransom payments of under $1,000 in 2023, with a strategy of high-frequency attacks against smaller entities and a ransomware-as-a-service (RaaS) model to support the volume of attacks.
2023 was a record-breaking year for ransomware attackers, who extorted more than $1 billion in cryptocurrency payments from victims.
Ransomware groups increasingly operate very much like legitimate businesses – and like a legitimate business, they take into account a range of different factors when they’re deciding what they need their ROI-per-attack to be.
Those factors might include:
They want to make money. And they have to balance this with a touch of reality – keeping ransom sums within a range that they have reason to believe a victim can or will pay.
Ransom sums can vary wildly. But broadly speaking, they’re on an upward trajectory.
What are the factors you think are affecting ransom sums in 2024? We want your perspective. Open this newsletter on LinkedIn and tell us in the comment section.
Do you have an idea for a topic you'd like us to cover? We're eager to hear it! Drop us a message and share your thoughts. Our next newsletter is scheduled for 17 July 2024.
Catch you next week,
Steve Durning
Exhibition Director
Join us at Black Hat MEA 2024 to grow your network, expand your knowledge, and build your business.