While ransomware has been around for decades, its prevalence has exploded over the last two years. These attacks used to be perpetrated by individuals; now they’re launched by networked groups of affiliates who buy and sell each other’s specialized skills and toolkits. Attacks were once unfocused and onedimensional; now they use targeted, multi-layered tactics that are much harder to defend against and that command much higher ransoms. Ransomware is expected to cause $20 billion in damages by the end of 2021.
Arguably, the most impactful trend in modern ransomware is the advent of double-extortion attacks, in which attackers steal data and threaten to publish it in addition to encrypting it. Roughly 50% of ransomware attacks now include attempts to exfiltrate data.