Hackers have significantly increased demands for ransomware, rising over 20% year-over-year to $600,000, according to Arctic Wolf.
There are worrying signs that 2024 will be especially volatile, as ransomware groups expand their list of targets, and explore new pressure tactics in response to increasingly effective international law enforcement efforts and the growing momentum of refuse-to-pay initiatives.
Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
Vulnerabilities first disclosed in 2022 or earlier continue to account for nearly 60% of incidents where the root cause was the exploitation of an externally accessible system.
Manufacturing, business services, and education/non-profit were the top three industries to appear on ransomware leak sites.
Ransomware groups shape evolving cybercrime landscape.
In recent years, the cybercrime industry has matured and its constituent organizations - including ransomware groups - have grown more sophisticated.
In the ransomware-as-a-service model that has emerged, RaaS operators offer technical resources and branding to independent affiliates who perform the work of compromising and extorting victims - with the proceeds split between affiliates and the operators.
Today, the RaaS ecosystem and affiliate model allows practically any aspiring cybercriminal to participate in attacks, and double-extortion attacks, in which the attacker disrupts operations and threatens to publish exfiltrated data, are the norm.
Plus, some ransomware groups and affiliates add additional elements of extortion by directly contacting individuals and organizations withties to victimized targets.
Remote or hybrid work arrangements are common, extending attack surfaces into home networks, coffee shops, and other locations beyond the control of an organization's IT department.
With an uptick in cloud services, more endpoints, unmanaged/BYO devices, and business operations transitioning from analog to digital platforms, stopping ransomware attacks with effectiveprevention, detection, and response becomes more challenging by the day.
One of the most effective ways an organization can increase resilience to ransomware groups is to maintain proper backup practices.
While backups don't address the issues around data exfiltration, being able to restore business operations can buy your organization time and limit the ripple effects of the attack.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Fri, 23 Feb 2024 05:13:07 +0000