2020 was a great year for ransomware gangs, and it has only gotten worse since then. Ransomware is a well-known threat and it is almost impossible to eradicate it. Looking at the way ransomware attacks have shaped up since last year, it is headed down a dire path and the forecasted trends have been explained in this article.
Data exfiltration has witnessed a surge due to ransomware attacks. It has become part of the extortion attempts to put additional pressure on victims to pay the ransom.
It is to be expected that threat actors are not going to keep up their end of the bargain, even after paying the ransom. All or some part of the exfiltrated data has ended up online even after payment.
Cybercriminals are engaging in big game hunting, as part of changing attack patterns, and gain access to the entire network.
RDP compromise remains the most common attack vector, with phishing and software vulnerability exploitation at its heel.
Ransomware business is proliferating and prospering and this growth is primarily driven by Ransomware-as-a-Service (RaaS).
Why are ransomware attacks so common?
Apart from the pandemic and consequent lockdowns that have massively contributed to the cause, ransomware has been increasing because of the following reasons:
Entry barriers have lowered with unskilled hackers getting access to tools to run their campaigns because of RaaS.
The commodification of ransomware has made it scalable and more efficient.
The increase in investment in ransomware platforms have enabled the groups to upgrade their core systems. Thus, making bad actors more professional and sophisticated.
The Increase in sophistication, targets, and frequency of attacks have led to a rise in the cost of recovery. This year the average recovery cost is $1.85 million and the average ransom paid was $170,404.
Since the beginning of this year, ransomware attacks witnessed a rise of 57%.
The average number of organizations impacted by ransomware attacks in a week surged by 102% in 2021, as compared to 2020.
The bottom line
Ransomware has evolved into a multi-billion dollar industry and this venture is only going to get bigger. Cybercriminals will use every ounce of leverage over their victims to maximize profits. With all the trends observed so early in the year, it would be safe to say that respite from this threat is not near. Hence, defenses are to be fortified and experts also suggest keeping easy to access backups.