Articles about Ransomware

Many organizations around the world are opting to pay ransoms to cybercriminals in order to buy back ownership of their data. But this can leave them open to further risk of attack.

Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC, believes it's wrong to pay up and that it's better to establish good defenses. We spoke to him to find out why.

Continue reading →

After a decrease of eight percent in cyber extortion (Cy-X) victims in 2022, the data for the first quarter of this year shows the largest volumes to date.

The latest Cy-Xplorer 2023 report from Orange Cyberdefense shows businesses in 96 different countries were impacted by Cy-X in 2022. Since 2020 Orange Cyberdefense has recorded victims in over 70 percent of all countries worldwide.

Continue reading →

Last month broke ransomware records -- and not in a good way. The latest report from Blackfog shows 66 publicly disclosed ransomware attacks, the highest recorded since the company began reporting in January 2020.

More concerning still is a significant uptick in the attack success rate, with a 154 percent increase over 2022.

Continue reading →

A new report reveals that 93 percent of ransomware attacks are now targeting backup storage as a way of ensuring payment.

The report from Veeam also shows that the success of attacks is having an impact on enterprises' ability to get insurance cover. 21 percent of organizations say that ransomware is now specifically excluded from their policies.

Continue reading →

A new report from the Secureworks Counter Threat Unit (CTU) uncovers a thriving market in infostealer logs that serves as a key enabler for some of the most damaging forms of cybercrime such as ransomware attacks.

On the 'Russian Market' site alone, the number of logs for sale increased by 150 percent in less than nine months, from two million on a single day in June 2022 to over five million on a single day in late February 2023.

Continue reading →

A new report based on publicly available resources finds a 25 percent increase in ransomware victims from Q4 2022 and a 27 percent increase compared to Q1 of the same year.

The study from GuidePoint Security's Research and Intelligence Team (GRIT) tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups in the first quarter of this year.

Continue reading →

The financial impact of a ransomware attack can cost businesses up to 30 percent of their operating income, with smaller enterprises hit proportionally harder.

A new report from ThreatConnect looks at the financial impact of ransomware attacks on small ($500M), medium ($1.5B) and large ($15B) organizations within healthcare, manufacturing, and utilities.

Continue reading →

In the 12 months from April 2022 to March 2023 the US and UK were the countries that suffered the most ransomware attacks.

However, the latest Malwarebytes ransomware report shows that the USA suffered a little over seven times more attacks in the last twelve months than the UK. It's perhaps not a coincidence that the USA's economic output, measured by gross domestic product (GDP), is also about seven times larger than the UK's.

Continue reading →

It used to be the case that all you had to worry about with ransomware was encrypted data, but the latest Cyberthreat Defense Report (CDR) from CyberEdge Group reveals that last year 78 percent of ransomware victims faced the consequences of one, two or three additional threats unless they paid the ransom.

Additional threats include launching distributed denial of service (DDoS) attacks (42 percent), notifying customers or the media of the data breach (42 percent), and publicly releasing exfiltrated data (40 percent).

Continue reading →

According to Forrester, nearly two-thirds of organizations (63 percent) were breached by ransomware in 2021, up 4 percent from the previous year. Recovery was a long, hard road for many of those enterprises -- while for others, the downstream effects of ransomware were ultimately insurmountable. The alarming rise in ransomware must guide IT leaders' cybersecurity decisions in 2023.

Why is ransomware on the rise? For one, bad actors are becoming far more advanced and prolific. Ransomware gangs continued to make headlines in 2022 for their high-profile attacks and advancements in post-breach encryption. On the other end of the spectrum, the barrier to entry for ransomware is lower than ever before. Ransomware as a service (RaaS) -- which allows bad actors to deploy ransomware for a fee -- has ushered in a new generation of hackers who can target enterprises of all sizes despite their relative inexperience with cybersecurity protocols.

Continue reading →

Computer maker MSI has confirmed that it fell victim to a security breach, confirming rumors that sprang up in recent days. The Taiwanese company says that it "suffered a cyberattack on part of its information systems", and has warned customers to exercise caution when downloading BIOS and firmware updates for its products.

Although MSI has shared little in the way of detail about the incident, the confirmation comes after the ransomware group Money Message was said to have breached the company's defenses. The group has made demands for $4 million with the threats of leaking stolen files.

Continue reading →

With the creation, storage, and use of data continuing to accelerate dramatically, security vulnerabilities and risks to data integrity are also escalating across the board. The trends are alarming, with one recent study from IDC -- looking at the requirements for ransomware and disaster recovery preparation -- revealing that in 2022, almost 80 percent of organizations surveyed had activated a disaster response. What’s more, 83 percent had experienced data corruption, and most worrying of all, almost two-thirds said that a ransomware attack had resulted in unrecoverable data.

Indeed, there is currently no application type that can be considered to be completely safe from ransomware. Among the wide range of possibilities this situation creates are the risks posed to organizations that are refactoring their applications for Kubernetes. Refactoring is an increasingly popular approach to application deployment, whereby apps are broken down into a range of services that can subsequently be operated independently. One of the key benefits this offers is that the application’s underlying hardware is used more efficiently, while each service can also be scaled as required without impacting other services and resources.

Continue reading →

According to a new report, at least 20 percent of enterprise endpoints remain unpatched after the remediation is completed, meaning that a fifth of machines still have a significant number of legacy vulnerabilities that could be exploited at any time.

The study of over 800 IT professionals from Action1 Corporation finds 10 percent of organizations suffered a breach over the past 12 months, with 47 percent of breaches resulting from known security vulnerabilities.

Continue reading →

Ransomware and extortion actors are utilizing more aggressive tactics to pressure organizations, with harassment being involved 20 times more often than in 2021, according to a new report.

The study, from Palo Alto Networks' Unit 42 threat intelligence team, finds harassment is typically carried out via phone calls and emails targeting a specific individual, often in the C-suite, to pressure them into paying a ransom demand.

Continue reading →

The Lockbit ransomware group claimed 129 victims in February, more than double the 50 that was reported in January.

The latest ransomware report from GuidePoint Security shows that another RaaS group, AlphV, also significantly increased its reported monthly victim count from 20 to 31.

Continue reading →