The recent cyberattack on Colonial Pipeline has once again reinforced the importance of securing corporate systems. Cybercriminals launched a ransomware campaign on the pipeline, bringing fuel supply lines to a screeching halt.
Attackers breached the company’s network. Once inside, they encrypted critical files, shuttering operations and demanded $5 million to restore access to the rightful owners.
Ransomware attacks like this one aren’t anything new, but a worrying trend is starting to emerge. Over the last 12 months, attacks for monetary gain and blocking access to files have exponentially increased.
Here’s the backstory
There are many security threats out there to worry about, and cybercriminals have different goals in mind. But ransomware has one end game: to rip victims off of their hard-earned cash by charging them to get access to the files that are already rightfully theirs.
According to a recent study by Check Point Research, ransomware occurrences have increased dramatically over the last few months. A total of 1,115 organizations were hit each week in May this year and rose to 1,210 a week by June.
The ransomware business is booming. “We’re seeing global surges in ransomware across every major geography, especially in the last two months. We believe the trend is driven by scores of new entrants into the ransomware business,” explained Check Point.
Ransomware by the numbers
The most lucrative industry for these kinds of attackers appears to be the educational sector. Whether it’s through the lack of network security or the importance of the files, the sector saw an increase of 347% over the last year.
Check Point said sectors that saw a dramatic increase in attacks over the past 12 months include the transportation industry (186%) and the retail sector (162%).
It seems that ransomware thieves have a preference when it comes to geography. The U.S. is a prime target, with incidents increasing by 32% over the last six months. But the region hardest hit is Latin America — experiencing a 62% increase. European companies have been targeted 59% more, while Africa has seen an increase of 34%.
As more companies and organizations get attacked and eventually pay millions in ransom, the strategy seems to be paying off well for cybercriminals. It is for that reason that ransomware attacks aren’t going to disappear anytime soon.
Sometimes ransomware isn’t the start of an attack but the culmination of previous network intrusions. Malware threats like Trickbot, Emotet and Dridex will be injected into a network first.
If they don’t get discovered by cybersecurity or network administrators, criminals use the malware as an access point to launch the payload that will lead to a financial reward.
How to protect your devices
The best way to keep ransomware and other security threats off all of your devices is to have strong antivirus software. We recommend the only antivirus software Kim uses and trusts. Our sponsor, TotalAV.
With TotalAV, you get real-time protection that defends against these types of attacks. Its antivirus software checks downloads, installs and executable links for viruses each time your devices access them. If a threat is detected, it’s blocked immediately.
Keep reading
Warning: Email promising protection from ransomware is actually malware