Ransonware

What are Ramsomware Attacks?

Ransomware attacks are continuing to rise with recent research showing an increase of 413% in attacks in just one year*. The impact on business is being felt as a major business threat, not just as an IT headache.

The criminals who create the ransomware campaigns are developing more sophisticated attack methods and in some cases, it is used as a diversion; to keep IT staff occupied while the attacker covers their tracks and accomplishes other criminal objectives such as data theft.

Once a ransomware attack takes place, the risk to the business of a serious data breach and reputational damage to your brand go up dramatically.

Every organisation needs to have an awareness of ransomware attacks and needs to have the systems and processes in place to handle an attack. Organisations that are well prepared for ransomware can greatly minimise the business impact of an attack and get the affected system recovered and operational quickly.

They typically want you to pay through Bitcoin and there is no guarantee that they will release the data or not look for more money.

1. Global Ransomware Trends:

   • In 2022, there were approximately 236.1 million ransomware attacks globally in the first half of the year. This marked a 23% drop compared to the previous year when there were 623.3 million attacks.
   • Ransomware accounted for around 20% of all cybercrimes in 2022.

2. Sophos Insights:

   • According to Sophos’ State of Ransomware 2022 report, 66% of organizations surveyed experienced ransomware attacks in 2021, a significant increase from 37% in 2020.
   • The average ransom payment made by mid-sized organizations was $1.85 million in 2021.

3. CrowdStrike Findings:

   • The 2024 Global Threat Report by CrowdStrike highlights the rise in covert activity and a cyber threat landscape dominated by stealth. Notably:
     • Adversaries are operating with unprecedented stealth, executing attacks in mere minutes by using valid credentials and legitimate tools.
     • Identity-based attacks surged in 2023, with techniques like phishing, social engineering, and buying legitimate credentials.
     • Cloud-conscious adversaries exploit valid credentials to access victims’ cloud environments, making detection challenging.
     • By targeting vendor-client relationships, adversaries gain access to multiple victims across verticals and regions.
     • Generative AI is driving new adversarial risks, creating sophisticated social engineering campaigns and malicious resources.

Remember that these statistics underscore the urgency of robust cybersecurity measures to combat the growing threat of ransomware attacks. Stay vigilant and protect your organization’s data! 🛡️

How CommSec can Help?

Our services can help you prevent these type of attacks including Cyber Security Training for your staff as well as monitoring and alerting for these type of attacks through our Managed Detection and Response service. We can also provide you with managed Endpoint Protection solution from one of our leading vendors.

See our MSOC+ Service for 24/7 cyber security monitoring.