London Daily

Focus on the big picture.
Thursday, Jul 10, 2025

Ransomware criminals' demands rise as aggressive tactics pay off

Ransomware criminals' demands rise as aggressive tactics pay off

Average ransomware demands and payments are up as criminal enterprises pour money into the profitable operations

Ransomware gangs are getting greedier as aggressive tactics pay off.

The ransomware crisis just keeps getting worse as criminal enterprises pour money into highly profitable ransomware operations, according to a report from Palo Alto Networks’ Unit 42 security consulting group.

The average ransomware payment climbed 82% to a record $570,000 in the first half of 2021 from $312,000 in 2020.


And criminal gangs are upping demands. The average ransom demand so far this year is $5.3 million, surging 518% from 2020 when the average demand was $847,000. That’s because too often it works.

"Ransomware attacks have prevented us from accessing work computers, pushed up meat prices, led to gasoline shortages, shut down schools, delayed legal cases, prevented some of us from getting our cars inspected and caused some hospitals to turn away patients," the report said.

For a single victim, the largest ransom demand seen by Unit 42 consultants rose to $50 million in the first half of 2021 from $30 million last year.

Ransomware gangs are getting greedier as aggressive tactics pay off.


Larger demands and ransoms mean gangs are getting creative, as the July Kaseya VSA attack shows.

REvil, a notorious ransomware-as-a-service criminal business enterprise, offered a "universal decryption key" to all of the organizations hit by the attack in return for a $70 million payment.

"Though it quickly dropped the asking price to $50 million. Kaseya eventually obtained a universal decryption key, but it’s unclear what payment was made, if any," Unit 42 said.

This year, the largest confirmed payment was the $11 million that JBS SA said it paid after an attack in June.

Quadruple extortion


The rise of "quadruple extortion" is one of the most ominous trends, said Unit 42, whose consultants handled "dozens" of ransomware cases in the first half of 2021.

"While it’s rare for one organization to be the victim of all four techniques, this year we have increasingly seen ransomware gangs engage in additional approaches when victims don’t pay up after encryption and data theft," Unit 42 said.

These four tactics are:

Encryption:


Victims pay to regain access to computer systems after key files get encrypted. This is classic ransomware.

Data theft:


Hackers release sensitive information if a ransom is not paid. This tactic took hold in 2020.

Denial of service (DoS):


Ransomware gangs launch denial of service attacks that bring down a victim’s public websites.

Harassment:


"Cybercriminals contact customers, business partners, employees and media to tell them the organization was hacked," the report said.

And as ransomware enterprises mature, the sophistication of attacks grows.

For instance, Unit 42 is starting to see ransomware gangs target a type of software known as a hypervisor.

Also expect to see more targeting of so-called managed service providers (MSPs) and their customers after the Kaseya attack, which spread to clients of MSPs, Unit 42 said.

Some gangs, however, will continue to focus on the "low end of the market...regularly targeting small businesses that lack resources to invest heavily in cybersecurity," the report said. Those ransom payments typically range from $10,000 to $50,000.

Newsletter

Related Articles

0:00
0:00
Close
Severe Heatwave Claims 2,300 Lives Across Europe
NVIDIA Achieves Historic Milestone as First Company Valued at $4 Trillion
Declining Beer Consumption Signals Cultural Shift in Germany
Linda Yaccarino Steps Down as CEO of X After Two Years
US Imposes New Tariffs on Brazilian Exports Amid Political Tensions
Azerbaijan and Armenia are on the brink of a historic peace deal.
Emails Leaked: How Passenger Luggage Became a Side Income for Airport Workers
Polish MEP: “Dear Leftists - China is laughing at you, Russia is laughing, India is laughing”
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Weinstein Victim’s Lawyer Says MeToo Movement Still Strong
U.S. Enacts Sweeping Tax and Spending Legislation Amid Trade Policy Shifts
Football Mourns as Diogo Jota and Brother André Silva Laid to Rest in Portugal
Labour Expected to Withdraw Support for Special Needs Funding Model
Leaked Audio Reveals Tory Aide Defending DEI Record
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
London Stock Exchange Faces Historic Low in Initial Public Offerings
A new online platform has emerged in the United Kingdom, specifically targeting Muslim men seeking virgin brides
Trump Celebrates Independence Day with B-2 Flyover and Signs Controversial Legislation
Boris Johnson Urges Conservatives to Ignore Farage
SNP Ordered to Update Single-Sex Space Guidance Within Days
Starmer Set to Reject Calls for Wealth Taxes
Stolen Century-Old Rolls-Royce Recovered After Hotel Theft
Macron Presses Starmer to Recognise Palestinian State
Labour Delayed Palestine Action Ban Over Riot Concerns
Swinney’s Tax Comments ‘Offensive to Scots’, Say Tories
High Street Retailers to Enforce Bans on Serial Shoplifters
Music Banned by Henry VIII to Be Performed After 500 Years
Steve Coogan Says Working Class Is Being ‘Ethnically Cleansed’
Home Office Admits Uncertainty Over Visa Overstayer Numbers
JD Vance Questions Mandelson Over Reform Party’s Rising Popularity
Macron to Receive Windsor Carriage Ride in Royal Gesture
Labour Accused of ‘Hammering’ Scots During First Year in Power
BBC Head of Music Stood Down Amid Bob Vylan Controversy
Corbyn Eyes Hard-Left Challenge to Starmer’s Leadership
London Tube Trains Suspended After Major Fire Erupts Nearby
Richard Kemp: I Felt Safer in Israel Under Attack Than in the UK
Cyclist Says Police Cited Human Rights Act for Riding No-Handed
China’s Central Bank Consults European Peers on Low-Rate Strategies
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Musk Battles to Protect Tesla Amid Trump Policy Threats
Air France-KLM Acquires Majority Stake in Scandinavian Airlines
UK Educators Sound Alarm on Declining Child Literacy
Shein Fined €40 Million in France Over Misleading Discounts
Brazil’s Lula Visits Kirchner During Argentina House Arrest
Trump Scores Legislative Win as House Passes Tax Reform Bill
Keir Starmer Faces Criticism After Rocky First Year in Power
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
×