With pressures by law enforcement on ransomware gangs in 2021, and more stringent security requirements by cyber insurers, cybercriminals are changing their tactics to ensure a payoff.
The overarching story arc for ransomware is evolution. From the use of multiple forms of extortion, to the constantly growing “as-a-service” model, ransomware has managed to thrive. According to new data in Coveware’s just-released Q4 2021 Quarterly Ransomware Report, ransomware is getting worse:
- Ransoms are up 130% from Q3 2021, now averaging $322K
- Median ransom numbers are also up 63%, at $117K
- Data Exfiltration is now a part of 84% of all ransomware attacks
And these attacks don’t just stop with encrypting systems; according to coveware, there are many more threat actions (tied to MITRE ATT&CK TTPs) that take place, including:
- Persistence, in 82% of attacks
- Lateral Movement, also in 82% of attacks
- Credential Access, in 71% of attacks
- Command & Control, in 63% of attacks
- Collection, in 61% of attacks
Email Phishing now ties with RDP Access as the number one initial attack vector for ransomware attacks, making it imperative that you have a defense in depth strategy to fend off malicious content within emails. This should include Security Awareness Training to employ the user as part of the defense, helping to spot threatening content before it has an ability to enable a ransomware attack.