{"id":32326,"date":"2020-11-25T13:24:15","date_gmt":"2020-11-25T11:24:15","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=32326"},"modified":"2025-08-28T08:05:09","modified_gmt":"2025-08-28T05:05:09","slug":"ransomware-damage-since-late-2019-has-topped-1-billion","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/ransomware-damage-since-late-2019-has-topped-1-billion\/","title":{"rendered":"Ransomware damage since late 2019 has topped $1 billion"},"content":{"rendered":"<p>From November 2019 to November 2020, hackers conducted over 500 public attacks using ransomware across more than 45 countries. The total damage from their activity exceeded $1 billion, according to Group-IB specialists.<!--more--><\/p>\n<p>The most popular targets of the extortionists were US-based companies: they accounted for about 60% of all known attacks. The share of attacks in European countries was about 20%. Around 10% were attributed to countries in North and South America (excluding the United States) and Asia \u2013 7%.<\/p>\n<p><img loading=\\\"lazy\\\" decoding=\\\"async\\\" class=\\\"alignnone size-full wp-image-117599\\\" src=\\\"https:\/\/forklog.com\/wp-content\/uploads\/image-1-2.png\\\" alt=\\\"\u0423\u0449\u0435\u0440\u0431 \u043e\u0442 \u0432\u0438\u0440\u0443\u0441\u043e\u0432-\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432 \u0441 \u043a\u043e\u043d\u0446\u0430 2019 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b $1 \u043c\u043b\u0440\u0434\\\" width=\\\"1200\\\" height=\\\"675\\\" srcset=\\\"https:\/\/forklog.com\/wp-content\/uploads\/image-1-2.png 1200w, https:\/\/forklog.com\/wp-content\/uploads\/image-1-2-300x169.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/image-1-2-1024x576.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/image-1-2-768x432.png 768w\\\" sizes=\\\"auto, (max-width: 1200px) 100vw, 1200px\\\" \/\\><\/p>\n<p>In the top five most attacked sectors are manufacturing \u2013 94 victims, retail \u2013 51 victims, government institutions \u2013 39 victims, healthcare \u2013 38 victims, construction \u2013 30 victims.<\/p>\n<p>The most dangerous ransomware are Maze and REvil \u2014 since the end of 2019 they account for more than 50% of successful attacks. They are followed by Ryuk, NetWalker, DoppelPaymer.<\/p>\n<p><img loading=\\\"lazy\\\" decoding=\\\"async\\\" class=\\\"alignnone size-full wp-image-117600\\\" src=\\\"https:\/\/forklog.com\/wp-content\/uploads\/image-12.png\\\" alt=\\\"\u0423\u0449\u0435\u0440\u0431 \u043e\u0442 \u0432\u0438\u0440\u0443\u0441\u043e\u0432-\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432 \u0441 \u043a\u043e\u043d\u0446\u0430 2019 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b $1 \u043c\u043b\u0440\u0434\\\" width=\\\"1200\\\" height=\\\"675\\\" srcset=\\\"https:\/\/forklog.com\/wp-content\/uploads\/image-12.png 1200w, https:\/\/forklog.com\/wp-content\/uploads\/image-12-300x169.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/image-12-1024x576.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/image-12-768x432.png 768w\\\" sizes=\\\"auto, (max-width: 1200px) 100vw, 1200px\\\" \/\\><\/p>\n<p>According to Group-IB experts, the popularity of ransomware has been boosted by private and public partner programs with criminals who specialise in compromising corporate networks.<\/p>\n<blockquote>\n<p>\u201cRansomware operators buy access and attack the victim. After the victim pays the ransom, a share of that amount goes to the partner,\u201d the specialists said.<\/p>\n<\/blockquote>\n<p>Since late 2019, extortionists copy all the victim company&#8217;s data to their servers for further blackmail. If the victim does not pay the ransom, they will not only lose the data but will also see it publicly available. In June 2020, REvil began conducting auctions where stolen data served as the lots.<\/p>\n<blockquote>\n<p>\u201cThe real damage from attacks is multiple times higher, since affected companies often downplay the incident, paying the extortionists, or the attack is not accompanied by the publication of data from the victim&#8217;s network,\u201d added Group-IB.<\/p>\n<\/blockquote>\n<p>In the first half of 2020, the ransomware <a href=\"https:\/\/forklog.com\/en\/news\/cybersecurity-experts-report-a-rise-in-ransomware-attacks\">disappeared<\/a> from the top threats \u2013 they accounted for only 1% of all hacker attacks. However in the third quarter they <a href=\"https:\/\/forklog.com\/en\/news\/bitcoin-ransomware-operators-lose-popularity-with-hackers\">accounted for<\/a> about 51% of all attacks using malware.<\/p>\n<p>Subscribe to ForkLog News on Telegram: <a href=\\\"https:\/\/t.me\/forklogfeed\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog Feed<\/a> \u2014 the full news feed, <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>From November 2019 to November 2020, hackers conducted over 500 public attacks using ransomware across more than 45 countries. The total damage from their activity exceeded $1 billion, according to Group-IB specialists.<\/p>\n","protected":false},"author":1,"featured_media":32327,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1945],"class_list":["post-32326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-group-ib"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/32326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=32326"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/32326\/revisions"}],"predecessor-version":[{"id":32328,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/32326\/revisions\/32328"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/32327"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=32326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=32326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=32326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}