Terry Greer-King, vice-president EMEA at SonicWall, discusses how ransomware is set to impact organisations in 2022
Ransomware attack tactics are set to continue evolving over the next year.
While it’s risky to make predictions on how cyber criminal activity will grow, the latest figures show us that ransomware is escalating at record pace. We have witnessed a ‘cyber surge’ this year: by mid-2021, the total number of ransomware attacks had far surpassed 2020’s record-breaking numbers. Overall, an unprecedented total of 714 million ransomware attacks are predicted by the close of 2021, and it’s highly unlikely that this will slow down in 2022.
Vying for vulnerabilities
Increased exploitation of vulnerabilities is expected in 2022, meaning more endpoint resource hijacking through malware and more data theft as a result of higher levels of attacker persistence. The SonicWall Q3 report recorded a 21% increase in cryptojacking, with a massive 461% spike across Europe. Most breaches succeed by exploiting vulnerabilities for which a patch was available, but not applied.
Effective ransomware attacks commonly exploit weak passwords, phishing emails, and a lack of employee education. With phishing making up the largest attack vector this year, the rise in ransomware numbers is unlikely to slow down. New, sophisticated phishing methods are regularly reported, and with the continued reliance on hybrid work, vastly distributed workforces will need to be even more vigilant about email attacks. Despite US and UK policy makers attempting to address ransomware with new cyber security legislation, without a focus on the basics, ransomware is likely to rise.
Offenders overcoming obstacles
As national leaders seek to implement measures to resist the rampant rise of ransomware, the diversification of malware variants is likely to surge next year as cyber criminals adapt to overcome increased legislation against them. Despite movements by respective national governments to secure cyber infrastructures, the UK has seen a 233% surge in ransomware attacks, and the US has witnessed a 127% year-to-date increase. On top of this, we’ve discovered 307,516 never-before-seen malware variants (+73%) during the first three quarters of 2021. One of the main reasons ransomware operators are launching more attacks is the increased likelihood that their sophisticated techniques will pay off. This is a trend that will continue into 2022.
Going for Government
By an overwhelming margin, the most commonly targeted sector in 2021 was the government, with attack numbers tripling from 2020’s high point. Each month in 2021, there were more ransomware hits on the government and public sector than any other industry. By June, government bodies were getting hit with roughly 10x more ransomware attempts than average, with constant APT activity causing chaos in incidents like the Colonial Pipeline attack. With much discussion of new cybersecurity legislation around the world recently, governments will continue to be a target for hackers to aggressively pursue.
An increasing number of organisations are choosing to obtain cyber insurance to shield themselves from the impact of potential attacks. As these policies generally cover the payment of ransoms, policyholders faced with a ransomware attack are able to pay the ransom and obtain decryption while still avoiding the risk and hardship that comes with making a huge payment to criminals. While this can seem beneficial for insurers, victims and ransomware operators in the short term, this strategy isn’t sustainable.
As victims continue to pay what’s demanded of them, cyber criminals have continued making bigger and bigger demands. Alongside the rise of attacks, it seems likely this trend will persist, eventually making losses unsustainable for insurance companies. Consequently, 2022 is likely to see the re-evaluation of current cyber insurance schemes as a means to overcome this.
In 2021, ransomware groups have clearly been emboldened by rising payouts and have successfully carried out millions of attacks this year. This is a trend we don’t anticipate ending in 2021, as bad actors become smarter at implementing new methods and exploiting widening security gaps left by hybrid working. It is crucial going into 2022 that organisations and governments look at revolutionising modern dynamic cyber security approaches to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever.