The amounts demanded as ransom are also exploding, up to as much as $40 million.
IBM reports that as of September 2020, one in four attacks that its Security X-Force Incident Response has remediated this year have been caused by ransomware.
In addition, ransomware incidents appeared to explode in June 2020. That month saw one-third of all the ransomware attacks IBM Security X-Force has remediated so far this year.
According to IBM, 29% of the ransomware attacks it remediated were made up of the Sodinokibi (also known as REvil) ransomware-as-a-service (RaaS) attack model.
This model was used to target entertainment and media law firm Grubman Shire Meiselas and Sacks. The ransomers from that hack demanded $21 million to return stolen data for stars such as Madonna, Lady Gaga and Bruce Springsteen, according to the firm.
Ransomware is having a more severe impact in 2020, according to IBM analysts. This is due to increasing random demands and attacks that combine ransomware with “traditional” data theft and extortion.
Which companies were the most targeted?
Schools and universities are now to be an attractive target for ransomware attacks. The education sector is especially vulnerable as they begin classes virtually or are experimenting with hybrid environments due to COVID-19.
A group of universities attacked in May and June 2020 has expanded to additional academic institutions in August and September. In order to keep sensitive information on students, faculty and research safe, universities are now paying ransoms up to over $1 million.
Other targets include the manufacturing sector, which ransomware impacts the most. Manufacturing attacks account for nearly a quarter of all the incidents responded to so far this year. The professional services sector is the second most targeted industry and has experienced 17% of ransomware attacks. Government organizations follow in third place at 13% of attacks, according to IBM.