It’s rife; in fact, stats suggest that globally there’s a ransomware incident every 5 seconds. And the ransom demands in 2022 ratcheted up by 300% – that’s some serious inflation. It’s a headache for cyber insurers too, who have followed suit with up to 300% increases in the cost of cover. Those that haven’t exited the market are recouping historical losses while wrestling with how to price the risk of the threat.
We did, however, see some significant developments in the world of ransomware in 2022:
↓ 40% – less cryptocurrency extorted from ransomware attacks (Chainalysis)
↑ 10,000+ – unique ransomware strains, a dramatic increase (Fortinet)
Cyber-crime gangs have had a 40% drop in earnings as more and more victims are refusing to pay ransom demands, but this is not leading to the end of ransomware attacks. On the contrary, the variety of ransomware attack techniques has increased, indicating that criminals are looking to carry out more sophisticated attempts to make up for lost payments. What is worrying is that these attacks are increasingly targeting smaller organisations, meaning that vigilance and cyber-security measures are essential.
The decrease in revenue is attributed to a mix of factors. Sanctions against hackers and their affiliates, which make it more legally risky for victims to pay ransoms, have been effective. There is also greater public awareness, leading to better-protected back-ups and making it more likely that victims will be able to restore their data without paying the hackers. Lastly, several police operations were successful in capturing members of major ransomware gangs and recovering stolen funds, sending a signal that authorities will take a hard stance against this type of crime.
With the launch of the International Counter Ransomware Task Force (ICRTF) in January 2023, we expect the 36 member states to further disrupt ransomware gang activity. However, the indicators suggest larger ransomware gangs are splitting into smaller groups, resulting in a higher volume of unique ransomware attacks targeting smaller organisations, outside of the ‘big-game hunting’ that has historically yielded larger payments. Ultimately, ransomware remains extremely profitable, and smaller-sized organisations should be even more vigilant as hackers spread their net wider to get paid and avoid capture.
Ransomware resilience is more important than ever for SMEs.
To avoid the stress, embarrassment and financial impact caused by adverse cyber events like ransomware, it’s wise to take action, be prepared and implement reasonable controls to minimise the impact of an incident.
Combining many years of experience with an understanding of the attack allows Saepio to recommend integrated, effective solutions that protect against ransomware and, importantly, detect and respond fast should the worst happen. There are numerous stages to a ransomware attack, so security ‘layers’ are a wise way to increase resilience.
If you want to talk more about your specific ransomware resilience strategy, we’re well equipped to offer advice.