Articles about Ransomware

With the creation, storage, and use of data continuing to accelerate dramatically, security vulnerabilities and risks to data integrity are also escalating across the board. The trends are alarming, with one recent study from IDC -- looking at the requirements for ransomware and disaster recovery preparation -- revealing that in 2022, almost 80 percent of organizations surveyed had activated a disaster response. What’s more, 83 percent had experienced data corruption, and most worrying of all, almost two-thirds said that a ransomware attack had resulted in unrecoverable data.

Indeed, there is currently no application type that can be considered to be completely safe from ransomware. Among the wide range of possibilities this situation creates are the risks posed to organizations that are refactoring their applications for Kubernetes. Refactoring is an increasingly popular approach to application deployment, whereby apps are broken down into a range of services that can subsequently be operated independently. One of the key benefits this offers is that the application’s underlying hardware is used more efficiently, while each service can also be scaled as required without impacting other services and resources.

Continue reading →

According to a new report, at least 20 percent of enterprise endpoints remain unpatched after the remediation is completed, meaning that a fifth of machines still have a significant number of legacy vulnerabilities that could be exploited at any time.

The study of over 800 IT professionals from Action1 Corporation finds 10 percent of organizations suffered a breach over the past 12 months, with 47 percent of breaches resulting from known security vulnerabilities.

Continue reading →

Ransomware and extortion actors are utilizing more aggressive tactics to pressure organizations, with harassment being involved 20 times more often than in 2021, according to a new report.

The study, from Palo Alto Networks' Unit 42 threat intelligence team, finds harassment is typically carried out via phone calls and emails targeting a specific individual, often in the C-suite, to pressure them into paying a ransom demand.

Continue reading →

The Lockbit ransomware group claimed 129 victims in February, more than double the 50 that was reported in January.

The latest ransomware report from GuidePoint Security shows that another RaaS group, AlphV, also significantly increased its reported monthly victim count from 20 to 31.

Continue reading →

In the midst of the biggest cost-of-living crisis in decades, the looming threat of recession, and an unprecedented energy crisis, organizations of all sizes are trying to find ways of cutting costs and saving money. While there are any number of measures organizations can take on that front -- from relatively small ones such as asking people to work from home to save on energy to more drastic measures such as layoffs -- the impact they have is variable at best. One measure that consistently saves organizations money, however, is investing in a proper cybersecurity solution.

In some ways, that might seem counterintuitive. After all, it’s an additional cost that the organization might not otherwise have to deal with. But it really is an investment that can pay off in a big way. That’s because the best cybersecurity solutions not only protect organizations from the threat of cyber attacks but also help mitigate their damage when they do occur.

Continue reading →

Cybercrime actors are shifting away from ransomware to new, innovative techniques, according to the latest CrowdStrike Global Threat Report released today.

The report shows 71 percent of attacks detected in the last year were malware-free (up from 62 percent in 2021) and interactive intrusions (hands on keyboard activity) increased 50 percent in 2022. This shows how sophisticated human adversaries are increasingly looking to evade antivirus protection and outsmart machine-only defenses.

Continue reading →

Ransomware attacks continue to plague organizations and can have an effect beyond the financial, damaging reputations and customer trust.

Now though WithSecure has developed a new technology called Activity Monitor that can essentially undo the damage malware can cause.

Continue reading →

Defenders have become more successful at detecting and preventing ransomware, but even so its share of incidents declined only four percentage points from 2021 to 2022.

The latest X-Force Threat Intelligence Index from IBM Security also finds that attackers continue to innovate, with the average time to complete a ransomware attack dropping from two months down to less than four days.

Continue reading →

Given we've all been told that it's inevitable that we'll get hacked, or at the least we need to assume that we will, what does this mean for businesses? It's clear that investment in cyber security measures isn't slowing down the attacks, and in 2023 it feels like there's been a significant increase in reported cyberattacks already. And we've only just hit February!

It would also appear that cyber attacks are becoming more sophisticated and technologically advanced. Fundamentally, you can't prevent a member of your team from clicking a phishing link, and the attack surface remains expanded due to the current hybrid working arrangements in place at most companies. So, if we are being told to expect an attack, does this shift the emphasis from prevention and defense, onto preparation and response? How would you recover your business?

Continue reading →

New research released today by Barracuda shows 75 percent of organizations surveyed have experienced a successful email-borne attack in the last 12 months.

What's more the study, carried out by Vanson Bourne, finds recovering from an email-borne security attack costs victims more than $1 million on average and 69 percent of those hit by ransomware say the attack started with an email.

Continue reading →

Critical infrastructure organizations accounted for 51 percent of ransomware victims in 2022, with construction being the most targeted sector overall.

Analysis by the KrakenLabs team at Outpost24 has identified 2,363 victims disclosed by various ransomware groups on Data Leak Sites (DLS) in 2022, with an estimated $450 million paid in ransom by victims.

Continue reading →

Cybersecurity continues to be an increasingly complex landscape for businesses to navigate as cybercriminals become more sophisticated and the frequency of attempted attacks grows at a rapid pace. One of the biggest cybersecurity challenges that businesses have to contend with today is ransomware, which has become the biggest global cyber threat as attacks strike fast and can do massive damage.

We particularly saw the rapid rise of the ransomware threat during the period of the Covid-19 pandemic, a time when most organizations and industries were increasingly adopting new technologies to help adapt to a new, remote environment characterized by digital transformation. According to the latest ransomware statistics, more than a third of organizations across the globe suffered an attempted ransomware attack in 2021, an increase of 105 percent -- to 623.3 million ransomware attacks -- compared to 2020. And, while the volume of ransomware attacks fell by 23 percent in 2022, as organizations began to more aggressively respond to cyber threats, attack methods are continuously evolving at the same time that average ransomware demands are dramatically increasing.

Continue reading →

The latest report from the GuidePoint Research and Intelligence Team (GRIT) shows an increase in ransomware activity from Q3 2022 to Q4 2022, as rebranded ransomware groups significantly increased the number of publicly claimed victims.

No quarter of last year saw less than 569 total victims -- with the biggest lull occurring in late June and early July, most likely attributed to the shift from Lockbit2 to Lockbit3, although challenges in the crypto currency market may have also had an impact.

Continue reading →

According to a new study, 33 percent of global organizations are not taking the threat of cyberwarfare seriously.

The report, from asset visibility and security company Armis, is based on a survey of over 6,000 IT and security professionals around the world and finds 24 percent feel under prepared to handle cyberwarfare. Indeed, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22 percent).

Continue reading →

Historically, government organizations have faced fewer attacks than their peers in other industries, particularly education and healthcare. But state and local governments have become a popular target for bad actors over the last two years -- nearly half of all ransomware in 2020 targeted municipalities. And in 2021, almost 60 percent of state and local governments faced a ransomware attack, up from just one-third of government organizations the year before.

The trend toward more frequent government ransomware attacks is concerning for several reasons. First and foremost, governments provide constituents with critical, everyday infrastructure, which makes ransomware-related outages costly and damaging. This incentivizes government IT leaders to address ransomware breaches quickly by paying the ransom. Second, and equally important, many state and local governments continue to use legacy hardware for their IT infrastructure. Without cloud-based protections and modernized cybersecurity protocols, many state and local governments face an uphill battle when it comes to addressing ransomware.

Continue reading →