Recent ransomware attacks have become increasingly sophisticated. They no longer use malicious software tools, targeting small and mid-sized businesses. The biggest ransomware attacks in 2022 are negotiating payments with independent third-party services and leaking stolen data to damage organizations’ reputations. Below are some of the common trends companies should be aware of.
They avoid using malicious software tools.
The most important thing to do as a company is to implement adequate security measures. Malware infection prevention starts with your employees. Employees are the number one cause of malware. Make sure they receive training to prevent malware infections. Keep software, firmware, and applications up-to-date, and ensure your anti-virus is active and has a robust detection and thwarting process. Multi-factor authentication makes it unlikely a valid user account can be impersonated.
Public infrastructures and utilities are prime targets of ransomware attackers because of their access to large amounts of money. In addition, because these sectors are often vulnerable to outdated cybersecurity technology, the technological gap between attackers and public targets may become more expansive in the future. Healthcare is another critical public sector that has experienced attacks. A common type of ransomware attack involves stealing personal information. Cybercriminals can then hold people to ransom.
They target SMBs
There are many reasons to be concerned about ransomware attacks. First, small-to-midsized businesses have a lot of money and are less well-protected against cyber attacks than large corporations. And second, SMBs are a prime target for ransomware attackers because they cannot afford to have their systems down for too long. Third, ransomware attacks have been increasing rapidly. As a result, as many as 71% of SMBs are at risk.
Cybercriminals have made a habit of targeting small and mid-sized businesses. While big government and agency breaches have been exposed in headlines, small business owners have been less likely to invest in proper cybersecurity. Consequently, hackers are looking to exploit the lack of resources of these companies. Therefore, it makes sense to spend money on cybersecurity to avoid the disruption of productivity and services, as well as legal headaches.
They negotiate payments with independent services.
In recent years, cybercriminals have become increasingly professional in their approach to ransomware attacks, using ransomware-as-a-service and independent services to help victims negotiate payments. Some ransomware threat actors even provide a 24/7 help center to assist victims in determining the best payment method. As a result, the FBI and Department of Treasury recommend that ransomware victims do not pay the ransom. However, there are many risks associated with such an approach, including the risk of a double extortion attack.
Ultimately, organizations have the upper hand in dealing with ransomware. They know the credibility of the bad actors, and some may even work with federal agencies to resolve ransomware attacks. One case involved CNA Financial, which paid the U.S. Secret Service a $40 million ransom. This example illustrates the risks associated with ransom payments. Even though many businesses would prefer to negotiate with ransomware gangs, they should consider their reputation and other potential victims’ past behavior before making any decisions.
They leak stolen data to damage organizational reputations.
Ransomware attacks are increasingly aggressive and sophisticated. Last year, the healthcare sector was hit by an increase of 123 percent in attacks per customer. However, several simple precautions can protect sensitive data and prevent ransomware infection. Roger Grimes says that 70 to 90 percent of cyberattacks result from social engineering.
Many attackers choose targets based on their ability to pay a ransom. For example, universities are desirable targets because they tend to have smaller security teams and a diverse user base, making penetrating their defenses easier. Some organizations may be more likely to pay the ransom, however. For example, government agencies and medical facilities need access to sensitive files immediately, and law firms may be willing to pay the ransom to keep a compromise quiet. In addition, organizations in susceptible industries may be uniquely vulnerable to leak attacks.