Cybercriminals carried out a record number of ransomware attacks last year; experts expect more in 2022

It might be a different year, but old threats linger—especially in cyberspace.  An advisory covering the current cyberthreat situation issued by federal agencies and international partners Wednesday outlines a growing threat posed by ransomware that’s expected to continue through 2022. 

“Cybercriminals are increasingly gaining access to networks via phishing, stolen remote desktop protocols, credentials or brute force, and exploiting software vulnerabilities,” the advisory says. Over the last year, especially, “The market for ransomware became increasingly ‘professional’ and there has been an increase in cybercriminal services-for-hire.”

With this expansion of cybercrime into more of an enterprising space, the advisory notes that ransomware groups have begun sharing victim information with each other, including victims’ network access information. They’re also diversifying extortion methods to get around defenses and evolving their practices to best exploit vulnerabilities, such as by targeting public organizations on holidays and weekends. 

And from local school districts to vital infrastructure vendors, cybercriminals have broadened their targets. The advisory highlights that nearly every aspect of the nation’s critical infrastructure was digitally attacked in some way last year, including the emergency services sector, food and agriculture, and government facilities. 

“We live at a time when every government … must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), in a statement. CISA, along with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA) and several international organizations including Australia and the United Kingdom collaborated on the advisory. “While we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience.” 

While action has been taken by federal agencies to make local governments aware of the threat, more education is needed, Easterly said, urging “organizations to review this advisory,” and “take action to strengthen their cybersecurity posture, and report unusual network activity or cyber incidents to government authorities.” 

To read the complete article, visit American City & County.