Ransomware attacks grew 64 per cent year-on-year between August 2020 and July 2021, according to a report from the cybersecurity firm Barracuda.
Barracuda’s researchers, analysed 121 ransomware incidents between August 2020 and July 2021 and identified a 64 per cent YoY increase in attacks.
A majority of these attacks were carried out by a “handful of high-profile ransomware gangs,” the report said. Ransomware gang, Revil, accounted for 19 per cent of the attacks while a new ransomware strain, DarkSide, caused 8 per cent of the attacks.
The research further found that attackers have been heavily targeting municipalities, health care, and education. Attacks on other businesses have also witnessed a surge.
Attacks on corporations, such as infrastructure, travel, financial services, and other businesses, made up 57 per cent of all ransomware attacks between August 2020 and July 2021, up from 18 per cent as noted in Barracuda Network’s 2020 study. Meanwhile, infrastructure-related businesses account for 10 per cent of all the attacks.
“In fact, ransomware attacks are quickly evolving to software supply chain attacks, which reach more businesses in a single attempt,” the report said.
As cyber criminals level up their tactics, their attack patterns have also been evolving. Attackers are finding ways to steal credentials through phishing attacks, which can be used to challenge the web applications used by the victim.
Once the application has been compromised, the attacker can then introduce ransomware and other malware into the system which has the potential to infect the network as well the application users.
“On multiple occasions in the past year, attackers exploited an application vulnerability to gain control of the application infrastructure and eventually target the most valuable data to encrypt,” the report added.
While analysing the ransom payment trends in the past years, Barracuda researchers witnessed a significant spike in the amount. The average ransom being demanded per incident is over $10 million. In 18 per cent of the incidents, the ransom demand was less than $10 million while in 30 per cent of the incidents, the demand had been more than $30 million.
However, there have also been multiple instances of victims reducing ransom payments by deploying negotiation tactics, as per the report.
Murali Urs, Country Manager, Barracuda Networks India, said, “Ransomware criminals have refined their tactics to create a double extortion scheme. The initial steps towards safeguarding an organisation from any possible ransomware attack involve assuming vulnerability and setting a goal of not paying the ransom.”
“Once that has been taken care of, it is necessary to implement anti-phishing capabilities in email and other collaboration tools, and consistently train your users for email security awareness. Companies should also secure their SaaS (software as a service) applications and infrastructure access points by implementing Zero Trust Access. Finally, it is crucial to stay put with a secure data protection solution that can identify your critical data assets and implement disaster and recovery capabilities. That way organisations can confidently put their foot down against the ransomware criminals,” added Urs.