Ransomware group Sodinokibi, or REvil, accounted for 22% of ransomware incidents IBM Security X-Force responded to in 2020.
On top of encrypting data and demanding a ransom for the decryption key, Sodinokibi employed an added extortion tactic.
Sodinokibi used data leaks to pressure organizations into paying; around 43% of victims suffered this in 2020.
Sodinokibi demanded ransom payments of 1-5% of annual revenue, which in one case was $42 million USD.
Whether to pay a ransom is a business decision; two-thirds of Sodinokibi victims paid in 2020.
IBM Security X-Force recommends creating a plan that addresses ransomware and data extortion techniques and regularly drilling this plan.
Learn to be proactive against threats with the IBM X-Force Threat Intelligence index.