The latest report from ENISA sheds some light on the magnitude of the ransomware threat in 2021 and how it has become the prime cybersecurity menace currently targeting organizations.
The Ransomware Threat, A Force To Be Feared
Ransomware has stolen the spotlight in the threat landscape yet again, as highly motivated and increasingly professional cybercrooks extort companies out of massive amounts of money on a daily basis.
ENISA (European Union Agency for Cybersecurity) has recently published its latest ENISA Threat Landscape (ETL) report regarding cybercriminal activity between April 2020 and July 2021. The findings are rather concerning, as the report warns of a surge in cybercrime, especially crime driven by the monetization of ransomware attacks.
Although the report warns of the rise of many other cybersecurity issues, the ransomware threat is the researchers’ ‘prime’ concern, with a 150% increase in ransomware attacks during the period evaluated. Furthermore, experts say that, if unaddressed, the problem will become much more pressing in the future.
“We are observing the golden era of ransomware — it has become a national security priority — and some argue that it has not yet reached the peak of its impact,” the report notes.
Ransomware attacks often start with attackers infiltrating a network via a simple phishing email and then spreading encryption malware across as many systems as possible. All files are locked up, and victims are denied access unless they pay a ransom, usually in cryptocurrency. In many cases, organizations that fall victim to ransomware will pay up, despite cybersecurity experts advising against it.
Money Is The Greatest Motivation
In recent years, ransomware has proven to be very lucrative; hackers can net millions of dollars from a single attack. Researchers warn that the success of such malicious campaigns will only encourage more scams to emerge.
“Our assessment is that more cybercriminals will very likely be attracted to shifting their targeting to focus on targeted ransomware operations and replicate these successes,” said the ENISA report.
Ransomware attacks such as the one that hit Colonial Pipeline showed how damaging and disruptive they can be, to the extent that they affect everyday lives. The fuel provider paid threat actors $4.4 million in Bitcoin in exchange for a decryptor that was too slow.
Ransomware attacks make headlines almost every other day, but it’s believed that many more victims pay the ransom silently and avoid any publicity. It’s no surprise, considering how an attack can damage an organization’s reputation, relations, and credibility, aside from the obvious financial loss.
“The incidents that are publicly disclosed or that receive media attention are only the tip of the iceberg,” ENISA warns.
Governments “Stepped Up Their Game” Fighting Against Ransomware
ENISA’s report also notes that governments are conducting multinational efforts against the ransomware threat, and it details the arrests made over involvement in ransomware groups last year.
“Given the prominence of ransomware, having the right threat intelligence at hand will help the whole cybersecurity community to develop the techniques needed to best prevent and respond to such type of attacks,” said ENISA executive director, Juhan Lepassaar.
“Such an approach can only rally around the necessity now emphasized by the European Council conclusions to reinforce the fight against cyber crime and ransomware more specifically.”
Experts encourage organizations to improve their defenses against ransomware attacks – secure backups, security awareness training, etc. – to reduce the otherwise devastating impact of a potential attack.
Also, keep your operating systems and software updated with the latest security patches. Believe it or not, crooks are still exploiting years-old vulnerabilities. Enabling multi-factor authentication is also highly advisable to prevent intrusions that could result in a cyberattack.
ENISA Threat Landscape Report