Ransomware attacks and payment demands soar

The only real question about ransomware trends these days is not whether there has been any let-up in the relentless pace of threat activity, but rather by how much attack volumes, attack scope, and ransom demands increased over a particular period.

A new report this week from Barracuda offers some fresh insight on all fronts. Between August 2020 and July 2021, researchers from the security firm identified and analyzed a total of 121 ransomware incidents — a 64% increase over the prior year. Thirty percent of those incidents involved ransom demands of $30 million or more; 6% topped a staggering $50 million.

While municipal governments, healthcare, and education sectors continued to be heavily targeted, Barracuda found an ominous increase in ransomware attacks on organizations in previously less targeted sectors, such as financial services, travel, and infrastructure. In fact, ransomware attacks against organizations in these sectors represented 57% of all ransomware attacks that Barracuda analyzed over the past 12 months, compared with just 18% in the prior year.

The security vendor found ransomware operators are increasingly focusing on supply chain attacks, such as those on trusted software vendors and IT service providers, with the goal of compromising multiple organizations via a single attack. The most dramatic example of such an attack in recent months was the one on Kaseya in July, which resulted in ransomware being deployed on several of the company’s downstream managed service provider customers.

“These attacks are increasing in sophistication,” says Fleming Shi, chief technology officer at Barracuda.

Phishing attacks, where threat actors acquire the victim’s credentials, continued to be the most common initial infection vector. “However, in some cases, we see the attackers can target victims based on stolen [and] sold credentials from the Dark Web,” Shi says.

Other vendors have also reported a recent sharp increase in the use of banking Trojans and other malware downloaders for ransomware distribution.

Barracuda is among several vendors that have reported a sharp increase in ransomware volumes in recent months. In July SonicWall reported observing a 151% increase in ransomware attacks during the first half of this year compared with the same period in 2020. The second quarter — with nearly 189 million ransomware attacks — was the worst for ransomware that SonicWall said it has ever recorded. Overall, the security vendor counted a huge 304.7 million attempted ransomware attacks in the first six months of 2021 compared with 304.6 million for all of 2020. The attack volumes put 2021 on track to be the worst ever for ransomware, according to SonicWall.

The most notable — and concerning — attacks so far this year include the attack on Colonial Pipeline in May that caused temporary gas shortages across the US East Coast, another shortly after on meat processing giant JBS Foods, and last month’s attack on Kaseya.

To read the complete article, visit Dark Reading.