With social engineering methods continuing to be an easy tool for hackers, there has been a huge spurt in the number of ransomware attacks. The details of at least one ransomware victim is appearing on leak sites every four hours indicating how rampant the attacks have become.

Social engineering

Social engineering is the process where hackers cull out key information from publicly available data of victims. In many cases, cybercriminals are getting the information they want by just making a phone call or sending an email to the unsuspecting victims.

Economic costs of these attacks are quite huge for companies. According to the latest report by cybersecurity solutions provider Palo Alto, companies in the finance and real estate sectors seem to be the most favourite hunting ground for hackers. These two sectors have received the highest average ransom demands of $8 million and $5.2 million. Ransom demands have been as high as $30 million, and the actual payouts have been as high as $8 million.

The report pointed out that identifying ransomware activity early is critical for organisations.Affected organisations can also expect the hackers to use double extortion, threatening to publicly release sensitive information if a ransom isn’t paid.

2022 Unit 42 Incident Response Report

“Ransomware actors are generally discovered only after the files are encrypted, and the victim organisation receives a ransom note,” Unit 42, an arm of Palo Alto, has said in its latest ‘2022 Unit 42 Incident Response Report.’

Ransomware and business emails compromise (BEC) were the top incident types that the Incident Response team handled, accounting for about 70 per cent of the cases over the past 12 months.

The company analysed 600 samples to understand the ransomware attack landscape.

Modus operandi

The report found that, cybercriminals used a variety of techniques to sneak into business emails but social engineering continues to be an easy and cost-effective way to gain access to the networks. Once they have access, the median dwell time (the time that threat actors spend in a victim’s network before being detected) for BEC attacks was 28 days, and the average amount stolen was $2,86,000

Wendi Whitmore, Senior Vice-President and Head of Unit 42 at Palo Alto Networks, said, “Right now, cybercrime is an easy business to get into because of its low cost and often high returns. As such, unskilled, novice threat actors can get started with access to tools and hacking-as-a-service becoming more popular and available on the dark web.”