CS Jul-Aug 2023
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
ansomware attacks<br />
While laws could establish a baseline<br />
standard for cybersecurity, that standard<br />
would be a challenge for many small and<br />
medium-sized enterprises. And besides,<br />
compliance would not be an ironclad<br />
guarantee of immunity to ransomware<br />
attacks."<br />
MOST VICTIMS PAY UP<br />
Meanwhile, according to the latest Cyber<br />
Confidence Index, from cybersecurity firm<br />
ExtraHop, 83% of victims of ransomware<br />
attacks pay up to the criminals. Whether or<br />
not these ransom payments are a good idea<br />
for those whose data is hacked, or even<br />
prevents the publication of their personal<br />
details, they do incentive criminal behaviour.<br />
This incident was seemingly caused by<br />
a vulnerability in a software supply chain,<br />
meaning a component of the application<br />
these HR teams thought they were buying<br />
was compromised, unknown to them.<br />
ExtraHop's research found that 77% of IT<br />
decision makers blame outdated cybersecurity<br />
practices for contributing to at least<br />
half of all their cybersecurity incidents.<br />
"With proper security processes in place,<br />
you can stop an attack before it develops<br />
into ransomware," says Jamie Moles, senior<br />
technical manager at ExtraHop. "Too often<br />
we see businesses fail to properly secure<br />
their networks and data, leading to breaches<br />
and stolen data. No one is exempt from<br />
ransomware gangs, which is why every<br />
business should prepare to be attacked."<br />
ATTACKS HIT HARD<br />
The recent Sophos 'State of Ransomware<br />
<strong>2023</strong>' report reinforces all of the turmoil that<br />
is generated by ransomware attacks, finding<br />
that, in 76% of ransomware attacks against<br />
surveyed organisations, adversaries succeeded<br />
in encrypting data. This is the highest rate<br />
of data encryption from ransomware since<br />
Sophos started issuing the report in 2020.<br />
The survey also showed that, when organisations<br />
forked out a ransom payment to<br />
get their data decrypted, they also ended up<br />
doubling their recovery costs ($750,000<br />
in recovery costs versus $375,000 for<br />
organisations that used backups to get data<br />
back). Moreover, paying the ransom usually<br />
meant longer recovery times, with 45%<br />
of those organisations that used backups<br />
recovering within a week, compared to just<br />
39% of those that paid the ransom.<br />
Overall, 66% of the organisations surveyed<br />
were attacked by ransomware - which was<br />
the same percentage as the previous year.<br />
This suggests that the rate of ransomware<br />
attacks has remained steady, despite any<br />
perceived reduction in attacks.<br />
"Rates of encryption have returned to very<br />
high levels after a temporary dip during the<br />
pandemic, which is certainly concerning.<br />
Ransomware crews have been refining their<br />
methodologies of attack and accelerating<br />
their attacks to reduce the time for defenders<br />
to disrupt their schemes," states Chester<br />
Wisniewski, field CTO, Sophos.<br />
"Incident costs rise significantly when<br />
ransoms are paid. Most victims will not be<br />
able to recover all their files by simply buying<br />
the encryption keys; they must rebuild and<br />
recover from backups as well. Paying<br />
ransoms not only enriches criminals, but it<br />
also slows incident response and adds cost to<br />
an already devastatingly expensive situation."<br />
When analysing the root cause of ransomware<br />
attacks, the most common was an<br />
exploited vulnerability (involved in 36% of<br />
cases), followed by compromised credentials<br />
(involved in 29% of cases). This is in line with<br />
recent in-the-field incident response findings<br />
from the Sophos '<strong>2023</strong> Active Adversary<br />
Report for Business Leaders'.<br />
MOVING IN ON MOVEIT<br />
According to the latest analysis from NCC<br />
Group's Global Threat Intelligence team,<br />
released in <strong>Jul</strong>y, Ransomware attacks<br />
Richard Massey, Arcserve: organisations<br />
worldwide detected 493.33 million<br />
ransomware attacks in 2022.<br />
Stephen Robinson, WithSecure: ransomware<br />
didn't create the cybercrime industry, but it<br />
has really thrown fuel on the fire.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Jul</strong>y/<strong>Aug</strong>ust <strong>2023</strong> computing security<br />
33