The world faced a growing spate of ransomware attacks in 2020. While malware was planted on systems throughout the year, it was detected only at the end of the year. According to a recent report, more than 500 successful ransomware attacks were officially reported in over 45 countries in the past year (H2 2019 to H1 2020). The financial damages accounted for over $1 billion ($1,005,186,000) and a future forecast predicts this number to rise 20 times to $20 billion by 2021. Experts believe this number could double-up or even rise fivefold if all attacks are reported.
Ransomware operators targeted health care institutes, banks, government agencies, and universities. Unsettled employees — many of whom were working from home — and a distributed and depleted workforce, meant an increased likelihood of an incident happening, and it did.
The cover story in the February issue of CISO MAG includes a list of the top ransomware attacks and related incidents that sent aftershocks through the business world in 2020. It also compares the different generations of ransomware, to show how this threat became more deadly over the years. Our editors dug deep to discover some scary facts and they write about what the next generation of ransomware could do, and how it would come knocking at your doors (networks).
Our editors also spoke to industry experts and curated their opinions and insights, to validate our beliefs.
We discovered new trends and changing attack vectors. For instance, attackers are now going after NAS devices, because these are backup repositories. Attention CISOs! Even your backups will be encrypted and locked. Another trend is ransomware-as-a-service. The bad guys are keeping up with trends and now offering services on the dark web.
Experts that we spoke to are already talking about new security measures like hardware-based encryption (Intel and Cybereason) and off-line storage (remember DLT magnetic tape storage?).
But the industry is not taking all this lying down. Efforts are on to fight ransomware and you can expect more news on this front in 2021. The Institute for Security and Technology launched the Ransomware Task Force in partnership with experts from multiple domains like the industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations.
Read more about all this (and other stories about Ransomware) in our February issue.
Subscribe and download CISO MAG here.