The evolution of ransomware attacks

22. February, 2022

Ransomware attacks, data breaches and IT outages worry companies worldwide more than business and supply chain disruptions (2nd) or natural disasters (3rd), according to the Allianz Risk Barometer 2022.

In Austria, critical infrastructure failures rank third among the most feared risks, behind cyber threats and business interruptions. The biggest climber is the shortage of skilled workers. Fear of the effects of the pandemic decreases worldwide with the duration of the pandemic.[1]

Cybercrime on the rise

The police crime statistics show significant increases in the area of cybercrime. With 46,000 reports, Austria reaches a new high in 2021–with an increase of one third compared to 2020.[2]

Companies still consider ransomware to be the biggest threat. The immense dependence on digital communication makes businesses vulnerable. The improvement of cyber security as a central topic of corporate management is supposed to provide a remedy, but there is uncertainty about concrete measures. An aspect often mentioned is the improvement of business continuity management within the company.

New ransomware trends

The AGCS (Allianz Global Corporate & Specialty) cyber reports, divides ransomware trends into four themes and describes them as incremental changes[3]:

  • Attacks on supply chains: Suppliers are exploited as a gateway and attack vector. Alternatively, physical supply chains or critical infrastructure are attacked directly.
  • More pressure: Additional threats, e.g. the publication of sensitive data, should increase the motivation to pay the ransom.
  • Ransomware as a service: Criminals sell or rent their ransomware tools and processes, topped off with additional support services.
  • Rising ransom demands: The amounts demanded are rising sharply–in the USA from more than 5 million US dollars to five times that amount within one year.

Law enforcement agencies advise against paying ransoms. Attacks should not be further encouraged. Nor is payment a guarantee of successful recovery. Reconstructing the systems to a known and, above all, trustworthy state is an undertaking that should not be underestimated. Help from experts is usually worthwhile.

Recommendations and countermeasures

Cyberattacks can affect anyone, from large corporations to SMEs to private individuals. A heightened awareness and active preventive measures help to minimise the risk. These include regular patches and updates, multi-factor authentication, employee training on information security and efficient crisis planning. A good start is to review the current backup strategy.

Guideline:

Ransomware attacks: Do’s and Don’ts

Worth reading:

Beware of Bad USB Attacks: New ransomware campaigns come via stick

Behavioural analytics, anomaly detection and visibility: additional protection against ransomware

Trending topics: Crypto currencies, 5G and zero-day exploits

Sources:

Ransomware
location tracking
Cyber Security Austria (CSA)
Best practice-Beispiele aus dem NSA-Leitfaden für ein sicheres Heimnetzwerk (©NSA)
Microsoft Outlook Exploit
Tiktok-Verbot auf Diensthandys
OSINT-Tools
Bedrohungserkennung in Echtzeit
Ransom-(D)DoS-Angriffe
Virus-Glaskugel
Password Spraying
insider threat
ein verlassener Tisch und Sessel mit geschlossenem Laptop, darauf eine Brille und daneben eine Maus
secure online gaming
Security
Cyber Security Awareness

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Sales Hotline:
+43 (0) 1 58995-500

SUPPORT HOTLINE

Support hotline:
+43 (0) 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
AnyDesk Download