During last year we have seen proof of devastating consequences all over the globe due to ransomware attacks.
We would like to dedicate this month to review upcoming trends and what to expect in the world of cybersecurity during 2022. Ransomware is predicted to be the most obvious threat that will continue to grow, according to sources as SC Media. Therefore, this blogpost will focus on this significant threat and its outlook.
During last year we have seen proof of devastating consequences all over the globe due to ransomware attacks. Cybercriminals managed to impact real-world services on a regular basis by performing their attacks. For example, they impaired water facilities, shut down a national oil and gas pipeline, healthcare systems and halted global food distribution. There were three times as many ransomware attacks in the first quarter of 2021 as there were in the whole year of 2019, according to Yahoo! Finance.
Ransomware normally refers to the action when cybercriminals infect devices with malware that locks files away behind unbreakable cryptography and then threaten to destroy them or publish their data publicly if a ransom is not being paid. Ransomware attacks are mostly deployed through phishing attacks, reporting CISA, Cybersecurity and Infrastructure Security Agency.
The number of attacks is rapidly increasing
During the last few years, we have experienced ransomware criminals develop from unorganized splinter groups to sophisticated operators, using different teams collaborating to target all sorts of businesses and organizations. In 2021, we saw many large attacks with this background taking place, such as the Colorado Pipeline attack and the Kaseya cyberattack.
ENISA, European Union Agency for Cybersecurity, states in the report “ENISA Threat Landscape” that there is also a large hidden number of attacks constantly taking place, in addition to the attacks exposed in the media.
“It is believed that there are many more ransomware attacks where victims quietly pay the ransom without any publicity. “The incidents that are publicly disclosed or that receive media attention are only the tip of the iceberg,” – ENISA
The number of cybercriminals offering their malware creations to others, is also predicted to increase during 2022. Ransomware-as-a-Service (RaaS), an established industry within the ransomware business, in which operators will offer subscriptions to their malware creations to other operators for a price, is predicted to continue to flourish in 2022. This due to the difficulties of tracking down and prosecuting the operators, reporting ZDNet.
The strongest driving force behind these attacks is considered to be the financial gain, criminals can walk away with large amount of money only from one single attack. Successful attacks are also predicted to encourage other cybercriminals and increase the number of actors within the ransomware business, according to PBS New Hour.
Actions are being undertaken
In the latest report by ENISA, “ENISA Threat Landscape”, it is stated that actions are being undertaken to avoid ransomware attacks, with governments recognizing the threat and organizing multinational efforts in order to deal with the situation. The report also states that several arrests due to involvement in ransomware activities were taking place during 2021. To stay on the safe side, it is considered efficient to reach out for FBI’s cybercrime arm, cybersecurity firms and other law enforcement to prevent possible attacks, according to PBS New Hour.
“Given the prominence of ransomware, having the right threat intelligence at hand will help the whole cybersecurity community to develop the techniques needed to best prevent and respond to such type of attacks,” according to ENISA’s executive director, Juhan Lepassaar.
In the US, many organizations are currently taking significant actions: the percentage of companies with a cyber policy in addition to their existing coverage increased from around 25 percent in 2016 to nearly 50 percent in 2020, reporting the Government Accountability Office.
In general, education is considered the most effective method of dealing with ransomware threats. Research shows that employees who are aware of the matter are eight times less likely to fall victim. Furthermore, on an individual basis it is important to regularly update software, and to use a different password for every login, reporting ZDNet.