Aug 2—According to the Federal Bureau of Investigation, more than 100 ransomware variants remain under close scrutiny. All of the ransomware variants have seen continuous deployment. Ransomware attacks represent a growing threat. Experts suggest that a ransomware attack may occur as often as every 11 seconds in 2021. US government agencies report that an average of 4,000 ransomware attacks have occurred per day across the past five years.
The impact of a ransomware attack often exceeds expectations. In July, cyber criminals disrupted operations within the IT firm Kaseya. As a result, hundreds of the group’s clients suffered. Kindergartens could not operate as normal and cash registers in supermarkets stopped functioning. Ultimately, the criminals asked for $70 million in order to restore all affected parties’ files.
Christopher Wray, the FBI director, has previously compared the rash of ransomware attacks and their intensity to that of September 11th, 2001. In the past, ransomware variants have led to grave and irrevocable harm.
Recently, cyber attackers have determined how to break into networks and how to then sell that illicit network access for profit. In one instance, hackers reportedly marketed access to a $500 million dollar firm in exchange for 12 bitcoin. Access to a federal organization was listed on the black market for $100,000.
Once the access has been sold, a new criminal gang can launch a ransomware attack on the network. This pattern of activity represents part of the emerging ‘ransomware-as-a-service’ model, devised by hackers. Those who sell initial access, in some cases, are referred to as ‘Initial Access Brokers’.
Disrupting the ransomware business model
Agencies around the world are working to aggressively resolve the ransomware epidemic. International pressures have led select cyber crime forums to announce bans or restrictions on recruitment and discussions. However, some ransomware operators remain unperturbed and determined. Among criminals, conversations abound regarding how to develop undetectable infiltration methods. Others want to move to the ‘data leak’ model.
Ransomware attacks have increased by more than 150% by volume, year-over-year, according to one report. Major ransomware attacks during the first portion of 2021 included the Colonial Pipeline attack, the JBS attack, an attempt to steal Apple design information and more.
For organizations, the cost of a ransomware attack can result in significant revenue declines. It can also lead to a damaged reputation, unplanned workforce reductions, legal consequences and other untoward outcomes.
After experiencing negative repercussions, some organizations go to great lengths to prevent similar experiences from recurring. For example, the HSE in Ireland, shelled out nearly €700,000 in order to establish a cyber security “war room.” Other groups reassess their cyber security posture and reassess their cyber security architectures.
For more information about preventing and recovering from ransomware, click here.