1 EXECUTIVE SUMMARY 2020 was the year of ransomware. The average ransom payout has steadily increased since Q4 2019 to US$84,116, reaching US$233,817 in Q3 2020 1 . The increase in ransom payouts can be explained by the most prevalent change we observed in the ransomware threat landscape in the past year: ransomware gangs adopted a new “double extortion” tactic, where alongside encrypting victims’ files, they also exfiltrate their data and threaten to leak it online, should the victim decide not to pay. This tactic exerts more pressure on victims compared to traditional ransomware attacks, possibly convincing more victims to pay the ransom in order to avoid their sensitive data being leaked, which could cause additional financial and reputational damage. The prevalence of “double-extortion” ransomware attacks in the course of 2020 was felt strongly in the cybersecurity community, and this inspired us to dive deeper into this trend from the cyber threat intelligence angle. We conducted a comprehensive statistical analysis of ransomware attacks that involved exfiltration and leakage of victims’ data. This report is based on a comprehensive database Until 2020, data exfiltration was perceived as a tactic associated with nation-state attackers conducting cyber-espionage campaigns and banking Trojans operators who steal financial data. A study WE ANALYZED https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophos-2021-threat-report.pdf; https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report that was collected from websites of 21 ransomware groups. These groups were involved in exfiltrating data from a total of 1,112 companies, in 63 countries. With regards to industry classification, we used 18 key industries. For more details on how we conducted our research, please review the “methodology” section below. conducted in 2019, analyzing dozens of ransomware strains, emphasized that ransomware gangs were not using this tactic because their ultimate goal was to encrypt victims’ systems. RANSOM PAYOUT GROWTH Q4 2019 178% Q3 2020 US$84,116 US$233,817 Ransomware groups 21 Companies 1,112 Countries 63 Key Industries 18 1. 3 | The Ransomware Landscape