This week marks the one year anniversary since the Colonial Pipeline ransomware attack. It was among the first ransomware attacks that gained such broad attention because of its impact – soaring gas prices and headline news.
In the Year Since
Ransomware has only increased and become more prevalent:
- Ransomware is now part of 10% of all breaches, doubling in frequency in 2021 (Verizon Data Breach Investigations Report)
- 80% of companies said they were attacked with of some form of ransomware in 2021 (Global State of Industrial Cybersecurity)
- The FBI reported 2,084 ransomware complaints during the first half of 2021 — a 62% year-over-year increase
- In February 2022, CISA reported that it is aware of ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors
- According to VirusTotal’s “Ransomware in a Global Context” report there have been more than 130 different ransomware strains detected over the past year.
Small Businesses Targeted
- According to the Verizon Data Breach Investigations Report, 90% of ransomware incidents did not result in any loss, but in 95% of the cases where there were ransomware-related costs, the losses ranged from a low of $70 to a high of $1.2 million.
- In the third quarter of 2021, 12% of victims paid ransoms, according to the Corvus Risk Insights Index – a decrease from the 44% of victims that paid the same quarter a year earlier.
- During the first half of 2021, there were $590 million in ransoms demanded (according to FinCEN), while they reported $416 million in ransomware-related costs for all of 2020.
Ransomware Attackers are Getting Better
Increased attacks mean that bad actors are learning more and refining their approach. Here are some tactics that are on the rise:
- Phishing. The continues to be the most common and effective way of delivering ransomware. See how to quickly spot phishing emails.
- Double extortion. Instead of just locking data and demanding a ransom in exchange for a decryption key, attackers also steal the data and blackmail the company to avoid the attacker leaking the information.
- Supply chain attacks. Instead of attacking an individual, supply chain attacks impact a large number of users. One ransomware attack example, the Kaseya attack, impacted over 1,500 of its customers.
- Ransomware as a service (RaaS). You no longer have to be a coder or hacker to develop malware. Using RaaS, anyone can get ransomware code and everything needed to launch and maintain a ransomware campaign.
Learn how to Prevent Ransomware
Here’s what you can do to be better prepared – use these ransomware prevention tips: