Ransomware breaches up by 13% in 2021, more than past 5 years combined: Report

The cybercriminals ecosystem dealing in ransomware is continuously increasing with several players and honed skillsets. Ransomware breaches in 2021 increased by 13% — representing a jump greater than the past 5 years combined, according to a new Verizon report.

Verizon found that as criminals look to leverage increasingly sophisticated forms of malware, it is ransomware that continues to prove particularly successful in exploiting and monetising illegal access to private information.

Today cybercrime is an industry which is on its growth trajectory where the risks are less and returns are high.

Organised crime also continues to be a pervasive force in the world of cybersecurity. Roughly 4 in 5 breaches can be attributed to organised crime — with external actors approximately four times more likely to cause breaches in an organisation than internal actors, reveals the study.

Heightened geopolitical tensions are also driving increased sophistication, visibility, and awareness around nation-state affiliated cyber-attacks. 

For many businesses, the past year has also been dominated by supply chain issues, and this trend was also reflected across the cybersecurity landscape. Around 62% of system intrusion incidents came through an organisation’s partner, it said.

In a finding that exposes the cost of human influence, people remain — by far — the weakest link in an organisations’ cybersecurity defenses. Almost 25% of total breaches in the 2022 report were the result of social engineering attacks, and when you add human errors and misuse of privilege, the human element accounts for 82% of analysed breaches over the past year.

“Over the past few years, the pandemic has exposed a number of critical issues that businesses have been forced to navigate in real-time. But nowhere is the need to adapt more compelling than in the world of cybersecurity,” said Hans Vestberg, CEO and Chairman, Verizon.

“As we continue to accelerate toward an increasingly digitised world, effective technological solutions, strong security frameworks, and an increased focus on education will all play their part in ensuring that businesses remain secure, and customers protected,” Vestberg added.

New ways and means of ransomware attack are evolving with individuals and corporates being targeted alike.

Another report by digital risk monitoring firm Cloudsek on Monday said that a new ransomware has been found in India that makes the victims donate clothes to the homeless, feed kids and provide financial support to the ones who cannot afford it but needs it urgently.

The “GoodWill” ransomware was identified by CloudSEK researchers in March 2022. As the threat group’s name suggest, the operators are allegedly interested in promoting social justice rather than conventional financial reasons,” the CloudSek report said.  

The GoodWill ransomware worm encrypts databases, documents, photos, videos and other important files and makes them irretrievable without the decryption key. 

Yet another report by cybersecurity firm Ivanti revealed that ransomware operators continue to weaponise vulnerabilities faster than ever, with ransom threats increasingly becoming ‘lethal’ in nature.   

Ivanti’s latest index found that there’s been a 7.6% jump in the number of vulnerabilities associated with ransomware in Q1 2022, compared to the end of 2021. While no organisation can escape ransomware attacks, those in the healthcare, financial and government are targeted more aggressively in recent months and the trend is here to stay, it said.