London Daily

Focus on the big picture.
Tuesday, Jul 07, 2026

Ransomware criminals' demands rise as aggressive tactics pay off

Ransomware criminals' demands rise as aggressive tactics pay off

Average ransomware demands and payments are up as criminal enterprises pour money into the profitable operations

Ransomware gangs are getting greedier as aggressive tactics pay off.

The ransomware crisis just keeps getting worse as criminal enterprises pour money into highly profitable ransomware operations, according to a report from Palo Alto Networks’ Unit 42 security consulting group.

The average ransomware payment climbed 82% to a record $570,000 in the first half of 2021 from $312,000 in 2020.


And criminal gangs are upping demands. The average ransom demand so far this year is $5.3 million, surging 518% from 2020 when the average demand was $847,000. That’s because too often it works.

"Ransomware attacks have prevented us from accessing work computers, pushed up meat prices, led to gasoline shortages, shut down schools, delayed legal cases, prevented some of us from getting our cars inspected and caused some hospitals to turn away patients," the report said.

For a single victim, the largest ransom demand seen by Unit 42 consultants rose to $50 million in the first half of 2021 from $30 million last year.

Ransomware gangs are getting greedier as aggressive tactics pay off.


Larger demands and ransoms mean gangs are getting creative, as the July Kaseya VSA attack shows.

REvil, a notorious ransomware-as-a-service criminal business enterprise, offered a "universal decryption key" to all of the organizations hit by the attack in return for a $70 million payment.

"Though it quickly dropped the asking price to $50 million. Kaseya eventually obtained a universal decryption key, but it’s unclear what payment was made, if any," Unit 42 said.

This year, the largest confirmed payment was the $11 million that JBS SA said it paid after an attack in June.

Quadruple extortion


The rise of "quadruple extortion" is one of the most ominous trends, said Unit 42, whose consultants handled "dozens" of ransomware cases in the first half of 2021.

"While it’s rare for one organization to be the victim of all four techniques, this year we have increasingly seen ransomware gangs engage in additional approaches when victims don’t pay up after encryption and data theft," Unit 42 said.

These four tactics are:

Encryption:


Victims pay to regain access to computer systems after key files get encrypted. This is classic ransomware.

Data theft:


Hackers release sensitive information if a ransom is not paid. This tactic took hold in 2020.

Denial of service (DoS):


Ransomware gangs launch denial of service attacks that bring down a victim’s public websites.

Harassment:


"Cybercriminals contact customers, business partners, employees and media to tell them the organization was hacked," the report said.

And as ransomware enterprises mature, the sophistication of attacks grows.

For instance, Unit 42 is starting to see ransomware gangs target a type of software known as a hypervisor.

Also expect to see more targeting of so-called managed service providers (MSPs) and their customers after the Kaseya attack, which spread to clients of MSPs, Unit 42 said.

Some gangs, however, will continue to focus on the "low end of the market...regularly targeting small businesses that lack resources to invest heavily in cybersecurity," the report said. Those ransom payments typically range from $10,000 to $50,000.

Newsletter

Related Articles

0:00
0:00
Close
UK Met Office Issues Heatwave Alerts for London and Southern England
Keir Starmer Blocks Earlier World Cup Kick-Off Time for England Match Against Mexico
NHS Digital Transformation and Media Consolidation Highlight UK Policy Priorities
UK Government Pushes Digital Trade Rules to Cut Export Costs for Businesses
Bank of England Plans Leverage Rule Changes to Support Government Bond Market
UK Police Operation Targets Organised Immigration Crime Networks With Hundreds of Arrests
Yvette Cooper Calls for Global AI Rules to Prevent Security Risks
NHS Begins Major AI Expansion Through £10 Billion Digital Investment Programme
UK Government Tightens Rules on Political Donations to Limit Foreign Influence
Keir Starmer Defends UK Defence Spending Plan at NATO Summit in Turkey
Comcast’s Sky Agrees £1.6 Billion Deal to Acquire ITV Media and Entertainment Division
Senior NHS Doctors Vote in Favour of Renewed Strike Action Over Pay Dispute
Andy Burnham Set to Succeed Keir Starmer as Labour Leadership Nominations Open
Microsoft Lays Off 4,800 Employees and Xbox Suffers the Hardest Blow
Deep Purple Has Released Its Best Album in Decades
Office for National Statistics Updates Historical Investment Data Review to Improve Accuracy
Department for Science, Innovation and Technology Highlights Economic Gains From Digital Inclusion
Debate Intensifies Over UK Defence Strategy and Domestic Security Priorities
Report Warns Full Transport Accessibility Could Add £176 Billion to UK Economy Annually
Medicines Regulator Approves First Targeted Treatment for Advanced Merkel Cell Skin Cancer
Government Commits £22 Million to Brighton Seafront Infrastructure Renewal and Transport Safety
National Security Bill Returns to House of Commons Amid Calls to Protect Humanitarian Work
Government Tightens Overseas Political Donation Rules to Strengthen Safeguards Against Foreign Influence
NHS Maternity Reform Expands Central Oversight After Critical National Review
Dover Border Warnings Highlight Post-Brexit Pressure on Cross-Channel Trade
Private Nuclear Consortium Advances £35 Billion Small Reactor Strategy in UK
UK Labour Leadership Signals Shift Toward Reindustrialisation and Regional Power
House of Lords Debates Rail Nationalisation Bill to Create Great British Railways
Scottish Affairs Committee Expands Inquiry Into SNP Financial Conduct
Evri Launches £1.2 Million Defamation Case Against BBC Over Panorama Investigation
Port of Dover Warns of Border Delays as EU Entry-Exit System Looms
Nigel Farage Referred to Standards Watchdog Over Alleged Undeclared Benefits
UK Government Faces Scrutiny Over Claimed AI Datacentre Investment After FOI Findings
UK and India Finalise Trade Agreement Rules Ahead of Mid-July Implementation
UK Government Establishes National Maternity Commissioner After Major Review of NHS Care Failures
Private Consortium Plans £35 Billion UK Nuclear Programme Targeting Small Modular Reactor Rollout
Andy Burnham Sets Out Ten-Year Reindustrialisation and Devolution Plan as Leadership Transition to UK Premiership Advances
Morocco and France Advance as 2026 FIFA World Cup Enters Quarterfinals.
Historic 2026 Tour de France Opens in Barcelona With Revamped Team Time Trial.
Global Mergers and Acquisitions Approach $4 Trillion Defying Geopolitical Tumult.
Negotiators Advance 20-Point Framework for Gaza Ceasefire and Demilitarization.
OECD Warns Middle East Conflict Will Depress Global Economic Growth.
Ukrainian Drones Strike Major Oil Terminal in St. Petersburg.
World Meteorological Organization Issues Urgent Alert Over Rapidly Intensifying El Niño.
United States Commemorates 250th Anniversary With Diplomatic Summits and Global Flotilla.
Iran Begins Days-Long Funeral for Supreme Leader Khamenei Amid Strait of Hormuz Standoff.
Technology giant reports surging carbon emissions driven by artificial intelligence infrastructure demands.
Artificial intelligence adoption accelerates workforce reductions across the technology and financial sectors.
Global technology and financial conglomerates collaborate to launch a new stablecoin standard.
United States regulators lift export restrictions on a major frontier artificial intelligence model.
×