We discuss the growing threat of ransomware and its effect on business with new data from the Kroll Threat Landscape Report.
The ongoing threat of ransomware taking over a company is not something to be taken lightly. Kroll, a provider of services and digital products related to valuation, governance, risk, and transparency, released its Threat Landscape Report, analyzing the increase of threats over 2021, this revealed ransomware as the dominant threat type. The report was the company’s first created and is scheduled to be published quarterly.
In 2021, the increase in ransomware attacks was noticeable, with large store chains such as Spar being a notable victim. It comes as no surprise that the Kroll report states the number of attempted attacks has doubled during the year from 20% in the first quarter to 46% by the third quarter. Incidents of unauthorized access and the insider threat risk increased , but to a lesser extent than ransomware, making up 25% of recorded incidents in the same period.
It can be argued that this trend was predicted, as the annual Cyber Polygon’s event ran a simulation based on the scenario of a cyber attack pandemic. This interestingly was back in 2020 before the significant increase in attacks, so the experts predicted the wave accurately and have since discussed the threat in more detail with security experts from around the world, including Interpol.
The Kroll report looks at the evolution of cyber threats, including the most prominent threat incident attack methods, most frequently targeted sectors, perpetrators, and potential future risks.
The most important thing for businesses is to prepare to defend against an attack ahead of time rather than react after the incident. Ioan Peters, Managing Director and Co-Regional Lead in EMEA for Kroll’s Cyber Risk practice, comments, “Ransomware remains a huge threat to organizations of all shapes and sizes. We’ve seen threat actors mobilize and expand their efforts since the beginning of the pandemic. Incidents like the Conti leak only serve to democratize the methods used by cybercriminals to gain access to businesses. An ounce of prevention is worth a pound of cure when it comes to ransomware, so we encourage all businesses to constantly evaluate the security controls they have deployed rather than waiting for an incident to occur.”
In the past year, the public has witnessed examples of the way the medical sector and supply chain services have been targeted. However, the Kroll report shows that healthcare attacks make up only 12% of all attacks included in the study. Interestingly it identifies the professional services sector as the most targeted sector overall in Q3, increasing by nearly 4% compared to the previous quarter to 22%.
This increase is most likely due to attackers utilizing supply chain breaches within professional services firms to make the effects of their attack as widespread as possible. Other sectors that were heavily targeted include technology and telecommunications (13%), financial services (13%), and manufacturing (10%).
Petersstated,“Attacks on the global health care sector are particularly astounding given the strain on these services through the pandemic. Following an initial ‘ceasefire’ from threat groups in March 2020, the Conti group, which accounted for the largest number of incidents in Q3 (31%), has developed a reputation for targeting hospitals and other emergency medical services. Sadly, these attacks can result in life-threatening consequences, and therefore, these organizations do need to focus on ensuring that they have all possible safeguards in place.”
For a very long time, the public viewed hackers as just a single man hiding in a basement; this is not the case now as ransomware has turned into entire organizations working as a company, hiring employees, and even paying them a salary. There is a lot of money to be made in this area regardless of their choices’ ethical issues.
Phishing and social engineering remained the most prominent infection vectors in Q3, despite instances falling by 9%. Strikingly, third-party vulnerability exploitation was up 12% on the previous quarter as threat actors weaponized the pandemic and used it as an opportunity to hit vulnerable businesses as they move more of their operations online. Petersconcluded:“As the pandemic continues to impact the way we work globally, the risks poised from threat actors looking to take advantage of business vulnerabilities have increased as security teams struggle to keep up.”
- Highlights from Cyber Polygon 2021
- Protect your data with a multi-tiered approach
- The Rise of Ryuk: Defending against a deadly new ransomware
- Stopping ransomware attacks before they can take place
The only way to defend against this wave is to evolve the business threat protection; luckily, many new security systems are being created to help fend off attacks. Peters states, “Businesses must ensure they are evolving with threats to ensure maximum protection for their business and clients. Strong identity protection such as multifactor authentication (MFA) is often the best step a business can take to protect itself in terms of outlay and reward. It’s relatively simple to set up and can prevent an overwhelming majority of attacks. A large majority of Q3 victims were businesses that did not have fully implemented MFA in place.”