New(est) rules in ransomware

Ransomware group Sodinokibi,  or REvil, accounted for 22% of ransomware incidents IBM Security X-Force responded to in 2020.

New rulers

NEW  RULES

On top of encrypting data and demanding a ransom for the decryption key, Sodinokibi employed an added extortion tactic.

Sodinokibi playing dirty

Sodinokibi used data leaks to pressure organizations into paying; around 43% of victims suffered this in 2020.

High stakes

Sodinokibi demanded ransom payments of 1-5% of annual revenue, which in one case was $42 million USD.

IBM Security X-Force estimates that Sodinokibi ransomware actors made about $123 million in 2020.

TO PAY OR NOT TO PAY?

Whether to pay a ransom is a business decision; two-thirds of Sodinokibi victims paid in 2020.

BE PREPARED

IBM Security X-Force recommends creating a plan that addresses ransomware and data extortion techniques and regularly drilling  this plan.

ACTIONABLE INTELLIGENCE

Learn to be proactive against threats  with the IBM X-Force Threat Intelligence index.