Ransomware attacks show little sign of slowing in 2021
Security experts see little chance of ransomware attacks slowing down in 2021 given the continued and growing success that criminal groups have had in extorting sizeable ransoms from victims this year.
If anything, attacks will only get qualitatively worse as criminal groups become more organized and targeted in their campaigns, and ransomware tools become easier to obtain and deploy.
Many experts expect a sharp increase in ransomware attacks that involve the threat of data exposure — and consequentially, potential regulatory compliance issues for victim organizations. Businesses that are inclined to pay to bring their systems back online are also likely to face closer scrutiny by the US government, over concerns about ransom funds ending up in the hands of entities on US sanctions lists.
“If 2020 was a good year for anyone, ransomware operators would certainly be at the top of the list,” says Ricardo Villadiego, CEO of Lumu. The past 12 months have seen more companies than ever negotiate and pay ransoms to get their data back, despite the FBI’s strong guidance to not do so, he says. At the same time, he adds, the size of ransoms that attackers demand has increased sharply, with amounts well in excess of $10 million becoming fairly routine.
As examples, Villadiego points to a reported $14 million ransom demand that Brazilian utility Light SA faced following an attack on its systems earlier this year, and a $15 million demand that Telecom Argentina had to contend with in a similar situation.
“Both of these ransoms were originally half that amount and automatically doubled after three business days,” he says. While it’s unclear if either entity paid the ransom, the sheer size of these demands shows how criminal organizations behind these attacks have begun going after big game, Villadiego notes. Many groups behind ransomware attacks have begun to resemble conventional corporate entities, offering everything from subscription ransomware services to affiliate selling models to broaden their reach.
To read the complete article, visit Dark Reading.