Cybercriminal organisations have been innovating faster than businesses can keep up. In 2020, cybercriminals heavily targeted the manufacturing, healthcare, and construction sectors with ransomware attacks that rose in severity, with ever-increasing demands. The average ransom paid rose to $312,000 (£224,000).
A recent Palo Alto Networks report found evidence of 337 victims in 56 different industries over the course of 2020. Of these industries, manufacturing, healthcare, and construction made up 39% of all incidents. The average demand was $1 million (£718,150) and the highest was $30 million (£21,544,500), which shows an obvious rise in ambition from these attackers.
Ryan Olson from Palo Alto Networks said, “We’re seeing a clear evolution of the ransomware business model. They want to maximize the amount of pain the victim is feeling so they will pay the most to make the pain stop.”
The report also warns of a new form of ransomware that is becoming increasingly popular and successful. This so-called “double extortion” is a technique where, instead of encrypting victim files and data to make them unusable and ransoming back a key to unlock the data, cybercriminals now take a copy of the data. They then use the threat of leaking sensitive data, such as customer data and medical records, as a tool to encourage victims to pay more to put the problem to rest.
The FBI has since released a similar finding in its annual review of cybercrime in the US. Looking at these reports, experts suggest that these attacks will continue to grow in sophistication and size, and there is no indication of this stopping.
Ransomware attacks follow a set strategy: they target the weakest link in the target organisation’s security infrastructure, the people. Cybercriminals have been targeting people for a while now and have become very good at it. An attack usually starts out as a phishing campaign, where emails, texts, social media posts, or even phone calls are used to lure unsuspecting people into logging in to bogus sites with their credentials, or into clicking on links with hidden malware that will sit and watch your machine, waiting for useful information like usernames and passwords to be provided. With this new information, the cybercriminals gain access to your organisation’s network from the inside and systematically deploy malware, which then encrypts your organisation’s data.
How can we help?
Once a phishing attempt is successful, it can sometimes be too late to do anything to stop the attack. That is why we offer phishing training and simulations to ensure that your organisation has the knowledge and culture required to protect itself from falling victim to this and many other types of cyber-attack. Contact us to find out more about phishing training and simulated attacks.
Source: Palo Alto Threat Report
Solution: Speak to GB3s CyberSecurity Team
Contact Us: Here to help