It’s no secret that ransomware attacks are getting worse; many of the biggest ransomware attacks happened in 2021. As hackers rake in the cash, they are investing into franchising and specialization and becoming more and more effective. As a result, the amount of pressure they are able to put on victims is increasing, and with this pressure, they are able to make bigger and bigger demands.
This leads many people to wonder “What was the worst ransomware attack ever?”
It’s difficult to define what the “worst” ransomware attack is. In most cases, the downtime caused by ransomware ends up costing much more than the ransom itself. The Colonial pipeline attack was not at all the worst ransomware attack in terms of financial damages, but it got the most press because of its disruptive effect on critical infrastructure.
The WannaCry attack is considered the biggest ransomware attack ever because of the number of computers it was able to infect – more than 300,000. It’s estimated that WannaCry caused $6 billion in damages. However, the actual earnings in terms of ransoms was quite limited.
The main damage caused by ransomware is usually downtime. It’s very difficult to accurately assess the amount of losses incurred by downtime. However, looking at ransom amounts is helpful to understand the impact of the hack, because of the way that the hackers set the ransom.
How do ransomware hackers decide how much to demand?
Ransom demands can vary a lot from attack to attack. Hackers will look at a number of factors when settings a ransom, including:
- The victim’s overall revenue.
- In case of a data leak, the sensitivity of the data.
- The percentage of the network affected by the ransom.
For example, we once had a client who dealt with large scale escrow transactions. As a result, the clients cash flow was much bigger than their actual revenue. The ransomware attackers demanded an absolutely ridiculous sum as a ransom, probably because they misjudged how much money the company was making.
If the attack compromises medical records or files from a law firm, demands tend to be much higher, because the consequences of a data leak are so serious. Finally, sometime IT security teams catch the hackers in the act and stop them from encrypting the entire network. This means the hackers have less leverage to demand a big ransom.
With no further ado, here’s our list of the biggest ransomware ransoms, ever.
Biggest Ransomware Attacks Ever
- CNA financial corporation is a US-based insurance company. In May of 2021, they paid a $40 million dollar ransom, the largest payment ever recorded at the time.
- JBS, America’s largest meat producer, also made headlines when its operations were shut down for several days by a ransomware hack. The company reportedly decided to pay the ransom, which amounted to around $11 million.
- GPS system manufacturer Garmin is believe to have paid a $10 million ransom to hackers. This is unconfirmed, however – some reports say that the initial demand was for $10 million, and Garmin has not publicly confirmed how much of that they paid.
- Austrian police announced that an unnamed Austrian company paid a $4.7 million ransom in December 2019.
- Travel services company CWT Global made history in June of 2020 with what was the biggest ransomware ransom ever at the time; $4.5 million. The original ransom demand was for $10 million, but CWT’s ransom response team negotiated it to less than half the original demand.
- The Colonial Pipeline Company was struck by ransomware in May of 2021,disrupting fuel supplies from Texas to the East Coast and causing widespread fuel shortages. The company finally decided to pay, and the hackers netted a cool $4.4 million.
- Brenntag is a chemical distribution company that ended up paying a $4.4 million ransom, tying with the Colonial pipeline attack.
- Travelex reportedly paid a $2.3 million ransom to the REvil ransomware gang, which helped push the company into bankruptcy.
- British clothing brand FatFace Ltd. paid a $2 million ransom in March of 2021.
- Hackers extorted $1.14 million from the University of California at San Francisco in June of 2020.
In April of 2021, ransomware hackers broke into Apple‘s network and demanded a $50 million dollar ransom. Apple didn’t pay up, though – good for them.
Computer manufacturer Acer also got hit by a $50 million demand, but like Apple, they also opted not to pay.
Effects of the Biggest Ransomware Attacks and Payments on the Cryptocurrency Market
One of the interesting implications of the biggest ransomware attacks is that they can potentially have a major impact on cryptocurrency markets. Some analysis has shown that buying $20 million worth of buying pressure on the Bitcoin market can move the market by up to half a percent. $3.5 million of buying pressure moved the Ethereum market by 0.4 percent.
This has major implications especially when it comes to the growing number of ransomware operations using anonymous cryptocurrencies like Monero. While Bitcoin’s market cap is in the hundreds of billions, Monero’s market cap it just $4 billion. Some hackers offer a 10% discount if the ransom is paid in Monero, which is a strong incentive for victims to opt for Monero.
A $10 million Monero purchase could easily move the market by a significant percentage. Some people believe that the Colonial pipeline attack Monero. One theory is described in the following video: