Home Are Global Ransomware Attacks Out Of Control?
Blog, Software News

Are Global Ransomware Attacks Out Of Control?

Nigel Powell Former Tech Journalist & Columnist Author expertise
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

Are ransomware attacks out of control?

Data from Check Point Software Technologies shows that an alarming 1 out of every 44 health care organizations worldwide were hit by ransomware attacks in 2021, up 39% from 2020. According to the IT Professionals Survey, one out of three global healthcare organizations reported being affected by ransomware in 2020. Companies around the world have also seen a rise in ransomware attacks over the past year. Even giants like Colonial Pipeline and JBS Meatpacking have been victims.

Ransomware incidents have brought down key services and businesses across the globe. Schools, banks, government offices, and even police departments are among a wide list of victims. During the pandemic, there were numerous reports of ransomware attacks disrupting online classes, with school districts having to divert essential resources to tackling these assaults.

A Brief History of Ransomware

Ransomware was first officially recognized in 2005 with the GP Coder attack. There had been a similar demand for money in 1989, but the later attack was the first to display the current hallmarks of lockdown, ransom and unlock. In the intervening seventeen years, the attacks have not just continued, but evolved in terms of scope, damage, and value. They’ve even moved on to mobile networks.

70% of ransomware attacks include a threat to leak data

These complex attacks are also mutating. They are not just holding data hostage any more. The first significant shift happened last year, with what we know as the ‘double-extortion’ attack. Here the ransomware not only encrypts data on-site, but also leaks the data to a collaborator. This actor could then extort the victim by threatening to release the data, unless they paid. According to one estimate, this format has increased 20% over the past quarter. Some 70% of ransomware attacks now include a threat to leak the targeted data. Exfiltration threats are quickly becoming part of the new ransomware landscape.

The Rising Impact of Ransomware Attacks

According to a report by Fighting Destructive Malware, an average single ransomware attack costs major multinational companies $239 million and destroys 12,316 computer workstations. Cybersecurity Ventures projects that by 2031, ransomware will be causing more than $265 billion (USD) in annual total losses to the victims, as the ransomware criminals develop their malicious payloads and blackmail tactics. The company suggests that as the number of potential targets grows, we could see an attack every few seconds somewhere in the world. Which is a terrifying statistic.

A 20% rise in ransomware attacks since 2019

According to its annual Internet Crime Report, the FBI received almost 2,500 reports of ransomware in 2020. That’s 20% more than in 2019. The knock on effect of increased insurance premiums, lost time, damage limitation and device replacement suggest that the problem really is going to remain acute.

For example, in a recent attack against Kaseya, a remote monitoring and management services provider, the attackers planted a ransomware virus on systems belonging to over 1,000 organizations.

The number of crippling ransomware attacks has rocketed up in the United States, including the above mentioned Kaseya attack. Ransomware attacks increased 158% in North America alone (62% globally) from 2019 to 2020, according to a 2021 report from cybersecurity firm SonicWalls. Supply chain attacks rose by 42 percent during Q1-2021 in the U.S., affecting up to seven million people.

The Crippling Financial Burden of Ransomware Attacks

A report by ThycoticCentrify found that 64 percent of the 300 U.S. based IT decision makers surveyed suffered a ransomware attack in the previous 12 months. Some 83 percent paid the ransom to restore their data. Reported ransoms were as low as $50,000, although one ransomware attack CNA Financial Corp saw a massive ransom of some $40 million paid to the perpetrators. This attack affected 15,000 machines on the company’s network and was effected using the Phoenix Locker malware. Another attack was that on JBA, which eventually paid a ransom of $11 million in Bitcoin after having to shut down its food processing plants.

Bitcoin Cryptocurrency Ransomware Attacks

This was one of an estimated five thousand attacks orchestrated by the Russian malware group REvil. This ultra-organized group offered Ransomware as a Service (RaaS) to all takers across the globe using an affiliate scheme and shared revenues. The latest reports suggest that this extremely prolific operation was busted in a multinational sting operation in January of this year, resulting in the arrest of two ringleaders and the recovery of half a million Euros in ransom payments.

Conclusion | A Ray of Hope Against Ransomware

Despite successes such as the arrests of the REvil group, ransomware continues to impact businesses large and small. The fact is, where there’s money, there will always be a criminal element which seeks to exhort profit illegally. This is especially the case where remote attacks are so easy to set up, and the rise of cryptocurrencies such as Bitcoin make it easy to collect extorted funds and move them across borders.

The simple reality is that ransomware is unfortunately here to stay – at least for the near future. Until the technology improves to track, catch and prosecute, the best advice for companies is to always maintain current data backups at all times. And store the backups off-site or remotely on the cloud.

Keep your devices updated

Keep software updated, maintain state-of-the-art anti-malware software and processes such as 2-factor authentication (2FA), and run regular pen-testing programs. Finally, and perhaps most importantly, promote regular and updated cybersecurity training for all members of staff.

The fact is that most ransomware attacks begin with a simple socially engineered approach, such as phishing or tailgating. By ensuring that all staff members are made aware of the security risks, attacks can be made much more difficult.

The war against ransomware may still be in full flood, but there’s no reason it shouldn’t be turned round with enough desire and a few sensible precautions taken at all levels in an organisation. Security is everybody’s affair, not just the tech department.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

Nigel Powell Former Tech Journalist & Columnist

Nigel Powell Former Tech Journalist & Columnist

Latest News

Crypto News

Speculation of Spot ETH ETF Approval This Summer – Ethereum Dominance?

Steam Owner Valve Faces £656 Million Lawsuit for Overcharging 14 Million UK Gamers
News

Steam Owner Valve Faces £656 Million Lawsuit for Overcharging 14 Million UK Gamers

Valve Corporation, the owner of Steam (the world’s largest digital distribution platform for PC games), is getting sued for a whopping £656 million, which is roughly $830 million. Shotbolt says...

Conor McGregor’s Comeback UFC 303 Fight Gets Cancelled Due to Injury
Streaming News & Events

Conor McGregor’s Comeback UFC 303 Fight Gets Cancelled Due to Injury

Conor McGregor, the very famous Irish mixed martial arts fighter who recently appeared in Amazon Prime Video‘s blockbuster movie Road House, will no longer be able to take part in...

Apple Gets Sued For Underpaying Female Employees In California
News

Apple Sued for Underpaying Female Employees in California

Wall Street US CPI and Core CPI Data Estimates Indicate a Possible Crypto Market Recovery Ahead
Crypto News

Wall Street US CPI and Core CPI Data Estimates Indicate a Possible Crypto Market Recovery Ahead

Spot Bitcoin ETFs Record $100 Million Inflows, but More Risks Lie Ahead
Crypto News

Spot Bitcoin ETFs Record $100 Million Inflows, but More Risks Lie Ahead

Bitfarms Deems Riot's $950 Million Buyout Offer Undervalued
Crypto News

Bitfarms Deems Riot’s $950 Million Buyout Offer Undervalued