Undoubtedly, ransomware attacks have become a major part of the cybersecurity landscape. Attacks have increased over the past one-year period and this reveals that both government, non-profit, and private organisations need to remain ever more vigilant to protect their valuable data from a malicious breach. It appears that no industry is safe and caution and foresight must be exercised by all parties in an organisational ecosystem, and not just the CIOs. With this in mind, we take a quick look at what ransomware is, what the statistics show for the first half of 2022 as well as trends and measures you can take now to protect your organisation.
What is ransomware?
A malicious form of software the blocks all access to an organisation’s files and data in exchange for a sum of money (usually Bitcoin because it can’t be traced) is referred to as ransomware. It can be instigated by malicious threat actors by sending emails to unsuspecting employees who click on links, download attachments or open websites that have been infected without their knowledge.
This way, the threat actor gains entry into the organisation’s portals and systems and blocks them for usage until the sum of money has been paid. Research indicates that while the cost of such attacks has been in the region of $20 billion in 2021, this cost is likely to more than quadruple in the next few years to over $200 billion by 2031. While staggering, this is an immediate indicator to all organisations that they need to step up their cybersecurity.
Ransomware developments over the first half of 2022
With half of 2022 already behind us, it’s important to consider some of the most important and also devastating ransomware and cybersecurity threats that took place around the world.
The first development that emerges is that ransomware attacks are on the rise. In particular, organisations in the technology, education and government sectors have gone up. These have been followed by industries including: manufacturing, healthcare, services, retail, finance and utilities (in this order). The top ransomware exfiltration countries are China (21%) and Russia (17%), although the rest of the world makes up the bulk of the attacks at 60%.
Also interesting to note is the rising geo-political nature of ransomware attacks. With the conflict between Russia and Ukraine, threat actors on the dark web have also appeared to take a political stance for either states and have indicated that they will retaliate against anyone supporting what they perceive as the opposition through targeted attacks on their government and private institutions.
It’s also noteworthy that some threat actors are becoming well-known as Ransomware-as-a-Service (RaaS) organisations. This means that the dark web contains a growing number of illicit “organisations” with highly sophisticated R&D departments that target institutions with the purpose of extracting money from them and halting operations.
One example of an entire country that was affected was the case of Costa Rica earlier this year. The country’s financial and healthcare ministries were attacked, putting ordinary Costa Ricans in harm’s way as they were unable to access much-needed healthcare. With an attack of such large proportions, it’s evident that both countries and private organisations need to step up their efforts in preventing such attacks from taking place. For more on this, take a look at the section below.
Other examples of high-level ransomware attacks include 27 that took place in January, with more in the months that followed. Cases of affected organisations include Portugal’s Impresa group, French aerospace company Thales Group and the Ministry of Justice in France. February saw 28 attacks on a global scale, followed by 25 in March and April and 26 in May.
Steps to protect your organisation
With employees being an organisation’s most valuable asset, they are also the ones that can be the most susceptible to malicious threat actors. This is why one of the first steps an organisation should take to prevent ransomware attacks includes continuously educating its workforce to ensure that all individuals are able to identify potential attacks and know how to prevent them from worsening. Some examples of strategies you could teach your employees include being vigilant for phishing emails, avoiding downloading attachments that come from unknown sources, knowing how to recognise phishing attempts, not clicking on links that may seem harmful and others.
Another step that can be taken is to provide two-factor authentication to company or corporate data and files. This makes the path for a threat actor into an institution that much more difficult to access. Further steps that can be taken include always keeping software updated on all devices used. Any breaches that may occur could be a result of a poorly maintained internal cybersecurity processes and infrastructure. Be sure that all end-points in your organisation are monitored and protected and monitor outgoing web traffic from your organisation to determine any potential leaks.
Ransomware attacks are unlikely to decrease in the near future. In fact, they’re on the rise and they’re ever more sophisticated as threat actors seek to exploit organisational vulnerabilities. If you’re looking for a partner that can help solidify your cybersecurity strategy, reduce threats and prevent existing threats from escalating, get in touch with us at 3Cyber-Sec. We’re highly dedicated to ensuring that your organisation’s safety is top of mind and that strong efforts are made to protect it.