It’s Groundhog Day Again — The State Of Enterprise Ransomware Defense
Ransomware — an attack that makes us feel like we’re Bill Murray trapped in a Groundhog Day loop. It’d be a safe bet that if Punxsutawney Phil was tasked with predicting ransomware, he’d see his shadow every Groundhog Day.
Buckle up for some wintry, miserable, ransomware weather, because ransomware attacks have been increasing and evolving as if they were some inevitable blizzard or nor’easter predicted by Punxsutawney Phil himself. Therefore, it’s only fitting that our report, The State Of Ransomware Attacks And Defenses, was published on Groundhog Day. Don’t worry — we have the advice your organization needs to keep that little rodent from retreating back into his den.
Key findings from the research include:
- Ransomware attacks have increased threefold since 2020. Attackers are targeting different sectors and verticals evenly, often going after the organizations that they know will struggle more with an outage. The bigger the target, the more likely they are to pay and the more money they are likely to pay.
- Ransomware adversaries are being funded to the tune of millions of dollars. Ransoms continue to increase significantly, with some of the most recent attacks demanding millions of dollars. With ransoms increasing from $416 million for all of 2020 to $590 million for the first six months of 2021, insurers are dropping coverage due to rising costs.
- Attacks are highly commoditized. Ransomware groups such as BlackMatter, Clop, Darkside, REvil, and many more have created ransomware-as-a-service offerings that function just like any other startup. They offer software to facilitate the deployment of malware, a portal for ransom payments, a dashboard to track attacks, and customer service to boot. This model allows much smaller or less technical threat actors to execute lucrative attacks that otherwise would be out of reach.
- Consistent land-and-expand vectors are being used. The same weaknesses continue to be exploited by attackers to let them land and expand within organizations, such as unsecured remote access software/appliances, well-crafted spearphishing campaigns, overprivileged identities, or legacy/unpatched software/protocols. The United States Cybersecurity and Infrastructure Security Agency even started a page of bad practices to help address these systemic issues.
As you can see, the ransomware Groundhog Day loop just keeps getting worse as attacks become more frequent and costly, with more threat actors able to become involved in attacking your system’s vulnerabilities. Since the same weaknesses continue to be exploited, as if we were with Bill Murray’s character, Phil Connors, stuck in the loop, it’s easy to wonder if there will be a tomorrow — let our full report take you there. As Phil says in the movie: “There is no way that this winter is ever going to end as long as this groundhog keeps seeing his shadow. I don’t see any other way out. He’s got to be stopped. And I have to stop him.” So it’s up to us, if we ever want ransomware winter to end.
The full report breaks down additional findings and recommendations to help protect your organization from a ransomware attack. Read the full report here.