The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data.
Cybercriminals then frequently threaten to sell it to the highest bidder on the darknet or leverage it to reap a handsome cyber insurance payment.
Although not back at the levels of 2021, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled since last year, from 25% to 53%. Mid-sized companies appeared to be in cybercriminals' crosshairs the most, with 65% stating they've been a ransomware victim over the past 12 months.
Organizations are also paying ransoms more frequently, up to 76% from 68% the prior year.
More striking are the emerging trends in motivations, strategies, and tactics that the survey revealed.
Data exfiltration registered a surge of 39% and became a preferred goal for the attackers, who are now gaining control of a company's network to download sensitive data to sell on the darknet.
This trend is also evidenced by the significant downturn of traditional money grabs as the main motivation.
As their main goals changed, cyber criminals modified their tactics and moved away from using email as a preferred attack vector, targeting cloud and compromised applications instead. By taking a more covert approach, attackers can remain undetected longer and gain continuous access to systems and data, enabling them to ramp up the damage when they choose.
Contrasting trends emerged around the measures organizations have in place against ransomware.
While 91% indicated they have specific budget allocations for ransomware, up from 68% in 2022, only 61% said security budgets were allocated following an attack, which could be due to economic uncertainty or tighter budgets.
Despite feeling they could bolster defenses by spending more on critical areas like Privileged Access Management, respondents seemed to lack clarity on how increased spending would help improve security.
On a positive note, executives and boards are now listening as 76% reported that their leadership is concerned about ransomware, but perhaps only after an attack.
Delinea is a leading provider of Privileged Access Management solutions for the modern, hybrid enterprise.
The Delinea Platform seamlessly extends PAM by providing authorization for all identities, granting access to an organization's most critical hybrid cloud infrastructure and sensitive data to help reduce risk, ensure compliance, and simplify security.
Delinea removes complexity and defines the boundaries of access for thousands of customers worldwide.
Our customers range from small businesses to the world's largest financial institutions, intelligence agencies, and critical infrastructure companies.
Learn more about Delinea on LinkedIn, Twitter, and YouTube.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 01 Feb 2024 22:00:41 +0000