May 25, 2022
US telco Verizon warned this week that corporate ransomware attacks are increasing at an “alarming” rate.
In its 15th annual Data Breach Investigations Report (DBIR) – which analyses security incidents to identify, among other things, the types of attack, their origin, success rate, and attack vectors – Verizon Business found that the number of ransomware attacks on organisations has grown 13 percent year-on-year. That’s more than the last five years combined. Ransomware was involved in some shape or form with a quarter of incidents covered in the report.
Ransomware is proving so popular among hackers, said Verizon, because once a network is compromised, the perpetrators don’t have to go looking for valuable credentials like credit card or banking information; they just need to encrypt as much data as possible and send the ransom demand.
According to the report, the two most common attack vectors for ransomware are desktop-sharing software and email, accounting for 40 percent and 35 percent of incidents respectively. Supply chain partners falling victim to hackers is also a major cause for concern, with 62 percent of total security breaches coming via an organisation’s partner. Of course, the ultimate weak link in cybersecurity is people, who can be duped into providing access to attackers or who, through human error, can leave networks vulnerable to a breach. In fact, Verizon said a human element was present in 82 percent of the breaches it analysed.
While state-sponsored cyberattacks make for the most eye-catching headlines, the main source of attacks continues to be organised crime. Verizon said approximately four in five breaches can be attributed to organised crime, with external threats causing roughly four times more data breaches than internal actors.
“Over the past few years, the pandemic has exposed a number of critical issues that businesses have been forced to navigate in real-time. But nowhere is the need to adapt more compelling than in the world of cybersecurity,” said Verizon CEO Hans Vestberg, in a statement. “As we continue to accelerate toward an increasingly digitised world, effective technological solutions, strong security frameworks, and an increased focus on education will all play their part in ensuring that businesses remain secure, and customers protected.”
To make matters worse, ransomware gangs are becoming greedier. This is according to cybersecurity specialist Group-IB, which claimed in its own report last week that the average ransom demand reached $247,000 in 2021, up by 45 percent compared to 2020. This average was probably skewed by the Hive ransomware group, which demanded a record-breaking $240 million payment from electronics retailer MediaMarkt last November. MediaMarkt allegedly negotiated the ransom down to $50 million. Even so, the previous record stood at a more modest $30 million. Meanwhile, the average downtime suffered by a ransomware victim is also on the up, rising from 18 days in 2020 to 22 days in 2021.
There is no secret to successfully guarding against attacks, said Verizon; it simply comes down to remaining vigilant at all times.
“The fundamentals of security remain the same,” said Dave Hylender, lead author of the DBIR. “Assess your exposure, mitigate your risk, and take appropriate action. As is often the case, getting the basics right is the single most important factor in determining success.”