The Shocking Truth About Ransomware
Ransomware: You Ain’t Seen Nothing Yet
Ransomware statistics have been rising for years. But earlier this year, it appeared that things might be slowing down. There were actually a couple of months when the volume of ransomware attacks dropped.
The thinking at the time was that the bad guys had changed their approach: they were prioritizing attacks on high-value targets rather than conducting generalized phishing campaigns that tried to trick anyone on a computer anywhere.
That theory has been blown out of the water by the 2021 Global Threat Landscape Report from FortiGuard Labs. It highlights a new explosion in ransomware that is bad news for us all. This portends a future where cybercriminals will greatly expand their use of targeted attacks against high-value organizations, while shot-gunning phishing and ransomware malware from one end of the Web to the other.
The report detailed some shocking statistics:
- A year ago, the average volume of ransomware attacks per week (June of 2020) were almost 15,000.
- Average volume of ransomware attacks per week in June of 2021 were almost 150,000 i.e., an increase of 1,000%.
- About a third or organizations in government, telecom, automotive, and among managed security service providers (MSSP) experienced ransomware attacks in the past year.
- Among all other sectors, the average is about 25%.
The conclusion reached by the researchers is that ransomware is a “clear and present danger regardless of industry or size.”
Rising to the Ransomware Challenge
If it is accepted that ransomware is not going to go anywhere soon, then organizational IT security procedures and defenses must rise to the challenge. Fortunately, we have enough historical precedents to give us hope for a less disruptive future courtesy of the ransomware scourge:
- Industrialization filled cities with soot that blackened buildings and filled them with thick smog. London was particularly prone to this about half a century ago. A move to a less polluting form of coal, and then away from coal altogether has eliminated that issue.
- Acid rain was regarded by many as the world’s biggest problem about 30 years back. Changes in emissions standards have seen it diminish as a challenge.
- Similarly, the hole in the ozone layer was purported to be the doom of mankind a couple of decades back. Changes to aerosol and other chemical regulations had seen it disappear from the headlines.
- On the IT side, innovation has steadily conquered problems such as disk fragmentation, how to fix buggy software, simple computer viruses, pop-ups, and a long list of other challenges.
In all likelihood, ransomware is just the latest hurdle that has to be overcome. It may take a year or two more for it to be largely gotten under control. But eventually, enough safeguards will be in place that it will fall from the headlines, although it is likely to remain a threat that IT must stay alert to.
In the meantime, organizations are advised to beef up their security resources: The addition of skilled personnel, importing external help via consultants and MSSPs, and adding effective security defenses. High on the list of these defenses come patching and vulnerability scanning.
How Syxsense Can Help Your Organization
Syxsense reviews, verifies, tests, and issues all patches within three hours of issuance. Its software can automatically deploy those patches to all users and devices.
It also contains a patch rollback function in one of the rare instances when a problem arises due to a new patch. This represents the most efficient way to deal with the onslaught of new patches. It frees up IT and security personnel to take care of other urgent areas of security for the enterprise by incorporating vulnerability scanning and IT management within one interface.