1 EXECUTIVE SUMMARY 2020 was the year of ransomware. The average ransom payout has steadily increased since Q4 2019 to US$84,116, reaching US$233,817 in Q3 2020 1 . The increase in ransom payouts can be explained by the most prevalent change we observed in the ransomware threat landscape in the past year: ransomware gangs adopted a new “double extortion” tactic, where alongside encr pting ictims’ åfles, the also e åfltrate their data and threaten to leak it online, should the victim decide not to pay. This tactic exerts more pressure on victims compared to traditional ransomware attacks, possibly convincing more victims to pay the ransom in order to avoid their sensitive data being leaked, which could cause additional åfnancial and reputational damage. The prevalence of “double-extortion” ransomware attacks in the course of 2020 as felt strongl in the cybersecurity community, and this inspired us to dive deeper into this trend from the cyber threat intelligence angle. We conducted a comprehensive statistical analysis of ransomware attacks that in ol ed e åfltration and leakage of ictims’ data. This report is based on a comprehensive database Until 2020, data e åfltration as percei ed as a tactic associated with nation-state attackers conducting cyber-espionage campaigns and banking Trojans operators ho steal åfnancial data. A stud WE ANALYZED https:// .sophos.com/en-us/medialibrar /pdfs/technical-papers/sophos-2021-threat-report.pdf; https:// .co e are.com/blog/q3-2020-ransom are-marketplace-report that was collected from websites of 21 ransomware groups. These groups ere in ol ed in e åfltrating data from a total of 1,112 companies, in 63 countries. With regards to industr classiåfcation, e used 18 key industries. For more details on how we conducted our research, please review the “methodology” section below. conducted in 2019, anal ing do ens of ransom are strains, emphasi ed that ransom are gangs ere not using this tactic because their ultimate goal as to encr pt ictims’ s stems. RANSOM PAYOUT GROWTH Q4 2019 178% Q3 2020 US$84,116 US$233,817 Ransomware groups 21 Companies 1,112 Countries 63 Key Industries 18 1. 3 | The Ransomware Landscape