Hey, ransomware, that’s fun, right? It has plagued businesses for years, and you’ve seen it explode in any IT or cybersecurity-related news over the course of 2020 with the rise of remote working. A nasty piece of malware, it’s caused billions in damages while ransomware gangs have only grown more vicious in their strategies. If they snag some valuable data, they don’t just threaten to publish it, they’ll threaten to destroy the stolen goods if demands aren’t met.
Suppose that’s why ransomware has broken records. For professional reasons I can’t swear, but I’d put ransomware gangs in a certain category of the Olympics with their brutish tactics and ghoulish antics. Remember, ransomware hosts go after everyone – even medical networks dealing with the COVID-19 crisis.
2021 isn’t looking much better. SonicWall, a cybersecurity specialist, discovered an explosion of ransomware attacks in the year’s first quarter. Researchers found that during the months of April to May there were 304.7 million attempted ransomware-based attacks. Not to be outdone, of course, June saw an obscene 78.4 million attempted attacks. You can see why cohesive ransomware defense is so critical.
On a global level, SonicWall found this represents a 151% increase in ransomware attacks. The researchers added that, even if no other ransomware attacks were recorded from this point on, this would still be the worst year for ransomware attacks on record.
Why so much ransomware?
It’s not hard to see why ransomware has grown in use, given its low risk and success rate. Like I’ve talked about, the explosion of remote work solutions also led to the creation of numerous attack surfaces. In other words, there are more ways for hackers and threat actors to potentially compromise networks, devices, and software.
Ransomware has also become increasingly accessible. We’ve long since passed the days when threat actors were all complex, trained teams with an abundance of resources and time. Those still exist, of course, but ransomware can be deployed by virtually anyone with a little patience and time. That doesn’t bode well, looking at the numbers. It implies ransomware attacks will continue to rise in conjunction with the adoption of more remote working solutions.
Biggest ransomware targets
From the report, SonicWall also identified the biggest targets and locations affected by the ransomware surge. For instance, several states in the United States were hotbeds for attempted ransomware strikes.
Florida took the “lead,” with 111 million attempted ransomware attacks. New York saw 26 million, Idaho 20 million, while Rhode Island and Louisiana averaged roughly 9 million.
As far as the biggest spikes by country, the top targets were the United States, the UK, Brazil, Germany, and South Africa. Out of this kerfuffle, in the US, government and government-related agencies were the primary target zones for ransomware attackers. It makes sense for attackers, given the success of the SolarWinds breach and potential payout with high-value targets like federal agencies.
I’m only selling it short. Attack attempts have risen significantly, and there’s no reason to expect the attacks to slow down any time soon.
Cryptojacking scams on the rise too
Cryptocurrency saw a spike in prevalence during 2020 and 2021, though primarily 2021. Indeed, a sweep of cryptocurrency scams and “legitimate” offerings took the internet by storm, along with related schemes and attacks based on cryptocurrency. Ransomware gangs like REvil, for instance, often demand that their ransoms be paid with cryptocurrency.
That means attackers and threat actors are on the prowl for mainstream methods of exploitation. Asia and Europe, according to the research reports, saw the biggest spike in cryptojacking and scams, jumping up 118% in Asia and 248% in Europe.
Defending against ransomware
If there were a simple, unified solution for protecting against ransomware, the problem certainly wouldn’t be so prevalent. There is, unfortunately, no perfect way to protect against it. In remote environments, it’s even more of a challenge.
But there are several defense approaches an organization can take to protect itself. I’ve covered some of them before, but a quick cheat sheet is:
- Operating on a zero-trust policy
- Mandating verification and 2FA for mobile devices
- Diversifying and applying network segmentation
- Having backup-recovery services/plans in place
One thing’s for sure: ransomware is breaking records, and not the kind we want to see.
If you’re still concerned about this issue (as you rightfully should be) I recommend getting additional help. Bytagig is a great MSP with all the resources to help out your enterprise.