The number of ransomware attacks has more than doubled over the last year as cybercriminals continue their relentless campaigns to hold networks and data to ransom.
According to an analysis by cybersecurity researchers at SonicWall, the volume of attempted ransomware attacks targeting their customers rose by 105% in 2021, to a total of 623.3 million attempted incidents throughout the year.
The figure also represents more than triple the number of attempted ransomware attacks recorded in 2019.
The biggest surge in ransomware attacks came between June and September 2021, a period that featured some of the most significant incidents of last year. These included the Colonial Pipeline ransomware attack, the JBS ransomware attack and the Kaseya ransomware attack.
Both Colonial and JBS were among the ransomware victims who opted to pay cybercriminals millions of dollars in ransom demands in order to obtain a decryption key to restore their networks.
Cybersecurity providers and law enforcement agencies recommend against giving in to ransom demands, as it shows criminals that ransomware attacks work. But in some cases, victims perceive it to be the most efficient way of restoring the network – although even with the correct decryption key, this can still take months of effort.
Cybercriminals are also using the extra leverage provided by threatening to leak data stolen from compromised networks if they don’t receive a ransom payment.
SEE: A winning strategy for cybersecurity (ZDNet special report)
According to SonicWall’s statistics, the United States was by far the largest target for ransomware attacks, but the volume of detected incidents more than doubled in many regions around the world including Europe and Asia.
While action has been taken against some significant ransomware groups, such as the apparent takedown of REvil in January, the SonicWall report warns that this has been “largely ineffective” in stemming the tide of ransomware as a whole.
“Due to the lucrative nature of ransomware, as soon as one group is taken down, new ones rise to fill the void,” says the paper.
But despite the continuing scourge of ransomware, according to SolarWinds, there are relatively simple steps that organisations can take to prevent them from falling victim – such as practising better password hygiene and using multi-factor authentication.
Cracking simple passwords is one of the easiest ways for cybercriminals to gain access to accounts and networks, particularly if they’re common passwords, or the username and password have previously been leaked in a breach. Using unique passwords on accounts can help prevent unauthorised access.
In addition, applying multi-factor authentication across the network provides an extra barrier of protection against hackers attempting to breach an account.
“The Colonial Pipeline breach could almost certainly have been prevented with the use of two-factor authentication,” said the paper.
“While cyberdefense has become more sophisticated and specialized over time, in some cases the simplest prevention is still some of the best”.
MORE ON CYBERSECURITY
