Ransomware attacks are spiralling out of control and is causing panic not only on its victims but on the public as well. A threat analysis unit launched by Raconteur compared incidents reported for the first six months of 2021 with the ransomware attacks recorded during the first six months of the past year. The data revealed a whopping 900% rise in the number of cyber-attacks.
Cybercrime Magazine Editor-in-Chief, Steve Morgan, stated that the increase of cyber-attacks, specifically, ransomware attacks, is partly because companies choose to pay the ransom to get the data back. In turn, cyber criminals take note and consider the scheme as one of the lucrative attacks out there. Other cybersecurity professionals, including Luta Security founder & CEO, Katie Moussouris, cite the rise of cryptocurrency as one of the major influencers in the rise of attacks, given that ransoms are paid through them like bitcoin. Cybercriminals choose this kind of payment simply because Cryptocurrencies are less regulated and harder to trace than others, meaning, it allows more anonymity in transactions. Morgan also stated another reason for the spike and it’s simply the growing number of people online. Although internet usage has been on the rise since its conception, the current pandemic forced a number of individuals to use it causing more crime.
Since its first manifestation in 1989 in the form of the AIDS Trojan, Ransomware has been the most lucrative cybercrime endeavors. Behind these attacks are highly-organised gangs with criminal operations that also employ affiliates to infiltrate corporate networks who, in turn, earn a percentage of any successful ransom demand. One victim of a ransomware attack this year reported spending $40 million. Ransomware is a threat that sets its crosshairs on anyone. From big time companies in different industries to an average consumer, ransomware gangs, considering their track records, don’t intend to spare anyone. 2021 has been wild and some of the biggest cyber-attacks happened this year. From Colonial Pipeline, Kaseya, and HSE these attacks teach us that a company’s size, connections, or infrastructure is not guaranteed. The call of the times especially during this pandemic strongly recommends a heightened cybersecurity awareness.
A good amount of knowledge in the cybersecurity landscape is beneficial, not only for an individual but for companies, as well. Our cybersecurity counterpart – 1600 Cyber – offers classes that aims to raise cyber awareness to keep up with the needs of the times. Simply visit https://1600cyber.com/cyber-awareness-training.
Ransomware gangs may be very much threatening and even more so if you don’t understand it, but much like everything else in the cyber sector, they still need an initial access point to breach and do some real damage. A call to action made by Allan Liska - a member of Recorded Future's CSIRT (Computer Security Incident Response Team) - that became a joint venture by several other contributors, resulted to an easy-to-follow list of vulnerabilities that ransomware gangs and their affiliates use as initial access point. The list comprises over a dozen different software and hardware vendors and their found security flaws.
The list is still growing and many other vulnerabilities from various companies are yet to be added. In 2021 alone, a great deal of these vulnerabilities is still being exploited making ransomware groups and/or affiliates almost like a chronic plague that has pestered the general public and organizations in the private sectors for decades.
In August of this year, a joint venture of Microsoft, Google Cloud, Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Lumen, Palo Alto Networks, and Verizon spearheaded by the Cybersecurity and Infrastructure Security Agency (CISA) was launched as part of Joint Cyber Defense Collaborative (JCDC) partnership. The project zeroes in on defending the critical infrastructure from ransomware and other cyber threats.
In line with this, the federal agency released a ransomware self-assessment security audit tool that’s designed to determine whether or not at-risk organizations understand how ransomware works and if they’re readily equipped to defend and recover from attacks that will target information technology (IT), operational technology (OT), or industrial control system (ICS) assets. In the unfortunate event of a ransomware attack, CISA also provided a Ransomware Response Checklist for organizations. The checklist would advise how to protect against ransomware and has an active FAQ section for those who would like to know more about it. A kiwi counterpart of the checklist has also been released by the New Zealand Computer Emergency Response Team (CERT NZ). Published as the Guide on Ransomware Protection on Business.