Rising Concern For Ransomware Attacks – Global Report
“Among all security incidents, ransomware attacks remain the #1 security concern. Consequently, forecasts damages to surpass $30 billion by 2023”.
Day by day, the world becomes increasingly digital and data-dependent. The advancement in IT continues to improve complex decision-making, but, at the same time opens a back door to various security breaches and compromises.
According to the mid-year cyber threat report by Acronis, ‘ransomware’ stays on top of cyber risks(recorded 623 million attacks last year) for businesses around the world due to security gaps in their IT infrastructure.
Ransomware Attacks That Were In The Headlines
Here are the biggest cyberattacks (related to ransomware) of the past two years that laid out security lessons for businesses.
1. MediaMarkt – The attackers compromised around 3100 servers
MediaMarkt, a European electronics retailer, was a victim of a massive ransomware attack in November last year. As per official reports, the attack affected as many as 3100 servers. Because of that cash registers across various stores were incapable of accepting credit cards or printing bills. The group of attackers demanded $240 million, however, reduced the amount later on.
Due to the attack, the day-to-day operations suffered since the company had to limit in-store services and halt some IT resources to contain them.
2. Kaseya – affected up to 2000 global organizations
The US-based software provider, Kaseya, was worried due to ransomware security concerns since the attack lasted roughly a week. As per reports, the attack trickled down around 2000 organizations by infecting nearly 50 service providers who were using Kaseya’s products.
After an investigation of the cyber incident, the company found that the REvil group was behind the attack and it demanded 70 million US dollars to restore the damage. Later, the US government had to interfere and contacted Russian officials about the Kaseya attack to make clear its intentions. Kaseya refused to pay the ransom. However, the attack served as a reminder of the cyber threats posed by software supply chains and sophisticated groups.
3. JBS – The ransomware attack cost the company $11 million
JBS, a food producer company had to halt its production in at least five of its largest facilities due to an attack related to ransomware. The group behind the attack was REvil which demanded $11 million as a ransom. Though security professionals advised JBS not to fulfill the demand, they paid the amount to avoid further disruption of their day-to-day operations.
4. Colonial Pipeline – Temporarily halted all pipeline operations
The Colonial Pipeline cyber incident was one among the ransomware security concerns. It’s considered to be the biggest cyberattack in the country. The privately held company, one of the largest pipelines in the US provides nearly 45% of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel, and military supplies.
The company had to temporarily shut down its operation on May 7, 2021, after the cybercriminals breached their systems and demanded 4.4 million dollars. The company decided to pay the ransom by saying it was the right thing to do for the country.
FBI investigated the entire matter and revealed that the Darkside ransom was intentionally compromising the company’s networks.
5. The University of California at San Francisco – Attackers demanded $3 million
Netwalker, another ransomware group, breached the systems of the University of California at San Francisco (UCSF) rising ransomware security concerns in the country. As per the reports, the attackers encrypted the files (a cure for COVID-19) on which researchers were researching.
The ransomware group initially demanded $3 million. Later, the university negotiated it down to $1.14 million and paid the ransom.
Fact Check: Regardless of the industry type, attacks related to ransomware are rapidly increasing.
Must-Know Ransomware Attack Stats
As per the 2022 Unit 42 Ransomware Threat Report, the threat posed by ransomware has significantly increased.
- Last year, the average ransom demand for cases increased 144% to $2.2 million.
- The average payment rose nearly 78% percent which amounts to $541,010.
In addition, let’s take a look at the FBI’s Internet Crime Complaint Center report. According to that, 2,084 ransomware complaints from January to July 31, 2021, alone. It signifies a 62% year-over-year increase. Recent updates revealed shocking facts. The Cybersecurity and Infrastructure Security Agency (CISA) report say that in Feb 2022 14 of the 16 critical infrastructure sectors in the US were victims of ransomware attacks.
Final Insights
“Ransomware attacks are as active as ever and on top of that it is only expected to grow,” says Cybersecurity experts at GoldenDew Tech. “Unless they are better prepared to handle the occurrences, the majority of firms won’t be able to prevent a security incident.”
The way attacks related to ransomware are emerging, our experience and analysis show that many companies still need to strengthen their cyber controls. Particularly, around IT security training, better network segmentation for critical environments, and cyber incident response strategies and security compliance. As a managed cyber security service provider, we are willing to go above & beyond pure risk transfer. We are here to help clients adapt to a changing risk landscape and raise their protection levels.”
Also read, How to Boost Cybersecurity in Fintech and Banking