The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

Ransomware attack patterns affecting organizations can often be difficult to discover, as they continue to evolve. In the past, cybercriminals would often target the same entry points in an organization and try to infiltrate it with malware.

Today, the attack pattern has evolved. Ransomware attacks are now more targeted and focused on finding the right target. Cybercriminals are leveraging AI and machine learning tools to search for victims who are not only of high value, but also vulnerable to a cyberattack.

According to Barracuda researchers, there was a 64% increase in ransomware attacks in the past 12 months. After analyzing 121 ransomware incidents, corporations and businesses were found to make up over half (57%) of every ransomware attack recorded — with 10% of the incidents asking for a ransom below US$10 million, and 30% demanding a ransom in excess of US$30 million.

Between August 2020 and July 2021, 57% of ransomware attacks continued to zero in on municipalities, healthcare, and education targets. Infrastructure-related businesses accounted for 10% of the attacks studied, with the ransomware evolving to target software supply chains. This was clearly indicated in some of the recent ransomware attacks involving fuel company Colonial Pipeline and meat supplier JBS, both of which had their supply chain disrupted by a ransomware intrusion.

For Fleming Shi, CTO at Barracuda, as cybercriminals work towards bigger paydays in the future, the security industry needs to create solutions that are easily consumable for companies of all sizes. For example, the attack on managed services provider Kaseya saw a global disruption, with most of their customers unable to run their processes online.

“Attackers often start with small organizations that are connected to the larger targets and then work their way up. All of us in the security industry have an obligation to turn sophisticated technology into products and services that can be easily consumed by customers,” said Fleming.

Fleming pointed out that evolving attack patterns mean cybercriminals no longer simply rely on malicious links and attachments to deliver ransomware. Instead, they are leveling up their tactics, including finding ways to hijack credentials through phishing attacks and then using them to challenge web applications used by a victim. Once the application has been compromised, the attacker can introduce ransomware and other malware into the system.

Negotiating with cybercriminals 

“It’s important to note that web applications have many forms, including those enabling users to work from home. A web portal for a segment of your IT infrastructure is just as dangerous as a full-blown SaaS application. On multiple occasions in the past year, attackers exploited an application vulnerability to gain control of the application infrastructure and eventually target the most valuable data to encrypt,” explained Flaming in a blog post.

Source: TechHQ

Protect your environment from Ransomware attacks.

Educating yourself and your employees with Cyber Security Awareness Training is the best way to start ensuring your business is protected from cyber-attacks.

Learn more about how The Cloud Consultancy can address and manage your businesses Cyber Security headaches. We can now provision boutique, pro-active, IT support services 24/7/365