Research by Zscaler has shown that the number of ransomware attacks has increased by 40 percent over the past year. The biggest cause of this rise is the wide availability of Ransomware-as-a-service (RaaS) services on offer. However, Zscaler does see a shift in the type of ransomware attacks: namely, more and more attacks are no longer using encryption.
Infecting systems with ransomware has become a lot more difficult in recent years. Quite a lot of security tooling has entered the market that can detect when a process starts encrypting files on a system. Cybercriminals have seen security measures increase significantly and eventually had to change strategies. Therefore, they now send files to a location they can access instead of encrypting files on a system. They then blackmail the companies in question with the data found, threatening to publish it if payment is not made.
Less impact on businesses, but they do pay up
Cybercriminals now have the option of extorting companies without needing to cripple the entire organization with encrypted systems. They can simply threaten to publish: after all, many companies fear reputational damage and will then pay. If they do not, there is a good chance that the criminals will still move to encrypt systems, in order to have an additional means of coercion. This is a form of double extortion that is also getting more common.
U.S., Canada, UK and Germany in top 4 countries
The countries where ransomware is most prevalent are the United States, Canada, United Kingdom and Germany. 40 percent of attacks target U.S. companies. Canada, United Kingdom and Germany collectively do not yet reach 20 percent, so it is already a lot less there.
Increase in ransomware
The main reason ransomware attacks are on the rise has to do with ransomware-as-a-service services. This means that basically anyone up to no good on the dark web can purchase a ransomware campaign. In such a scenario, the criminal service provider grabs 70 to 80 percent of the profits, with the rest going to the client.
Another reason ransomware is on the rise can be found in the number of ransomware families that now exist. In 2021, Zscaler was tracking 19 ransomware families for its research. Now there are as many as 44. Ransomware is still big business, it appears.
Also read: LockBit 3.0, the market leader in ransomware
Better protection, less legacy?
Organizations will eventually need to improve their protection against ransomware. Much legacy software is very susceptible to ransomware because user permissions have not yet been applied to an application’s database and files. This gives ransomware much more freedom of movement. So modernizing is one solution; another is working on a zero-trust infrastructure. Although even that brings some challenges. Zscaler is one of the parties that offers comprehensive protection against ransomware, but also talks a lot about prevention tools and setting up a zero-trust infrastructure.
Also listen: Zero trust in complex environments: how to ensure secure access to apps?
1 day ago
