Articles about Ransomware

Data is the currency of every business today, but it is under significant threat. As companies rapidly collect and store data, it is driving a need to adopt multi-cloud solutions to store and protect it. At the same time, ransomware attacks are increasing in frequency and sophistication. This is supported by Rapid7’s Ransomware Radar Report 2024 which states, “The first half of 2024 has witnessed a substantial evolution in the ransomware ecosystem, underscoring significant shifts in attack methodologies, victimology, and cybercriminal tactics.”

Against this backdrop, companies must have a data resilience plan in place which incorporates four key facets: data backup, data recovery, data freedom and data security.

Continue reading →

According to a new survey, 84 percent of organizations in the enterprise sector spotted a cyberattack within the last 12 months, compared to only 65 percent in 2023.

The study from Netwrix shows the most common security incidents are phishing, user or admin account compromise, and ransomware or other malware attack.

Continue reading →

A new report from SpyCloud finds that Ransomware is seen as the biggest cybersecurity threat across every industry, with 75 percent of organizations affected by ransomware more than once in the past 12 months -- a jump from 61 percent in 2023.

Based on a survey of 510 individuals in active cybersecurity roles within organizations in the US and the UK with at least 500 employees, the report shows some industries are more at risk than others, with insurance firms 6.3x more likely to experience a ransomware attack and healthcare 2.1x more likely.

Continue reading →

As we begin a new school year, a survey of 250 IT leaders from educational institutions in the US and UK highlights the potential damage from cyberattacks on schools.

The study from Action1 shows 20 percent of respondents believe that the current level of support from their school board is insufficient, with a high risk of significant impact on education quality due to ransomware.

Continue reading →

A new report from dark web intelligence specialist Searchlight Cyber shows a 56 percent increase in the number of active ransomware groups this year compared to the first half of 2023, reflecting a diversification of the ransomware landscape.

LockBit has retained its top position despite the disruption caused by Operation Cronos, though its number of listed victims has fallen compared to H1 2023.

Continue reading →

Published vulnerabilities have increased by 43 percent compared to H1 2023, with 23,668 vulnerabilities reported in H1 2024 according to a new report from Forescout.

The average number of new CVEs per day is 111 or 3,381 per month, and 20 percent of exploited vulnerabilities affected VPN and network infrastructure.

Continue reading →

So far this year, vulnerabilities have risen by 11 percent and the availability of publicly known exploits has increased by six percent.

The latest Cyber Threat Intelligence Index from Flashpoint reveals 17,518 newly disclosed vulnerabilities in the first half of the year. Also, over 45 percent of all vulnerabilities disclosed in H1 2024 are rated high to critical in CVSSv3.

Continue reading →

According to a new report, ransomware productivity has shown signs of leveling off in 2024, however, the frequency of attacks and ransom payments collected remains higher in the first half of 2024 compared to the same periods in 2022 and 2023.

The report from WithSecure suggests law enforcement actions, notably the take down of the Lockbit ransomware group in February 2024, have played a critical role in disrupting major ransomware operations.

Continue reading →

In the last year, the US has experienced a dramatic 63 percent increase in ransomware attacks, with the UK seeing an even greater rise of 67 percent.

The latest State of Ransomware report from Malwarebytes shows the share of attacks carried out by gangs outside the top 15 increased from 25 percent to 31 percent, indicating that ransomware is becoming more accessible to a broader range of cybercriminals.

Continue reading →

The year is 1989. “Rain Man” wins the Academy Award for Best Picture. Motorola releases the world’s smallest and lightest phone. The Berlin Wall falls. Taylor Swift is born. It also begins the dawn of a new era of cyber extortion. 

The AIDS Trojan arrived innocuously, distributed via floppy disk to public health professionals. But it harbored a nasty surprise. After the 90th PC reboot, it cryptographically locked victims’ hard drives, demanding a $189 payment to unlock files. While this attack was thwarted easily, it changed the game. Over the next 30 years, ransomware proliferated from curiosity to a catastrophic threat fueled by an unrelenting arms race between extortionists and security teams.

Continue reading →

Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises according to a new report.

The latest Ransomware Radar Report from Rapid7 finds smaller organizations are becoming a more frequent target too. Companies with annual revenues around $5 million are falling victim to ransomware twice as often as those in the $30-50 million range and five times more frequently than those with a $100 million revenue.

Continue reading →

The World Health Organization (The WHO) hosted a webinar on the 18 July to discuss the critical importance of cybersecurity in the healthcare sector, highlighting the severity of the situation the industry is currently facing. Healthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyber-attacks with severe consequences.  

As has been demonstrated with recent high-profile attacks on healthcare organizations, such as the US’ Ascension and Change Healthcare incidents, and the UK’s NHS attack, the healthcare industry must review its priorities, the threats it faces, and its security measures, without delay. 

Continue reading →

It's fair to say that no industry is truly safe from cyber attacks these days, the aviation sector is at particular risk due to the volume of customer data it handles and the potential to cause widespread disruption.

A new report from SecurityScorecard focuses on cybersecurity vulnerabilities across the airline industry and its various supply chains.

Continue reading →

A new global ransomware study of nearly 1,000 organizations in a variety of industries finds most firms are facing a never-ending series of breaches, a serious epidemic that leaves them continuously in the crosshairs of ransomware gangs.

The study from Semperis also shows that 39 percent of attacked companies in the US, UK, France and Germany paid a ransom four times or more in the past 12 months.

Continue reading →

Recent cyberattacks like Volt Typhoon, BlackCat ransomware syndicate, and NuGet serve as stark reminders of the critical importance of monitoring cyber risks as these attacks could all have been prevented.

We spoke to Randy Watkins, chief technology officer at Critical Start, to discuss why organizations must know the difference between cyber risks and threats, and how those enterprises that fail to mitigate against cyber risk will remain reactive, and ultimately fall behind their competitors.

Continue reading →