CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks



CISA Trends Increase in Global Ransomware AttacksNew advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its’ impact.

When the U.S., Australia, and the U.K. all come together citing rises in ransomware attacks on critical infrastructure organizations and government entities, it’s reasonable to hear statements like “ransomware as the biggest cyber threat facing the United Kingdom.” This is the message made clear in the latest advisory from the U.S. Cybersecurity & Infrastructure Security Agency. According to the advisory, the U.S. saw attacks on 14 of the 16 U.S. critical infrastructure sectors, with similar observations in Australia and the U.K.

CISA cite three specific initial attack vectors:

  • Stolen Remote Desktop Protocols (RDP) credentials or brute force
  • Exploiting vulnerabilities
  • Phishing

They also discuss the organizing of efforts by cybercriminals. It begins with a rise in cybercriminal services-for-hire – both on the initial access side of an attack, as well as the ransomware itself. The sharing of victim information, diversifying the approaches to extorting money from victims (something that has continued to evolve over the last two years), and targeting of specific types of organizations all have resulted in more success for the ransomware threat actors.

CISA makes the following mitigation recommendations:

  1. Keep all systems up to date
  2. Secure and monitor any remote access services
  3. Implement strong password policies
  4. Use multi-factor authentication as much as possible
  5. Segment networks
  6. Use zero trust principles for access
  7. Implement Security Awareness Training

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews