Data at Risk: 96% of Ransomware Attacks Involve Data Theft

Warn of Ransomware A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up.

“As potential victims implemented more reliable backup and restoration processes, ransomware operators introduced data exfiltration as a means to apply additional pressure and protect their revenue streams,” Arctic Wolf says.

The researchers note that even if the victim pays the ransom, there’s no way to guarantee that the threat actor won’t store the stolen data for future use or sell it discreetly on the underground market.

The report also found that organizations in the finance and insurance sector are being bombarded by business email compromise (BEC) attacks.

“The finance and insurance industry accounted for 26.5% of BEC IR cases, roughly double the second-place industry (legal and government, at 13.3%),” the report says. “In fact, BEC accounted for 53% of IR cases pertaining to finance and insurance — the only industry for which BEC outnumbered ransomware. Clearly, organizations that regularly exchange money and process payment details over email are in the crosshairs of BEC attacks.”

Arctic Wolf notes that BEC attacks are fueled by social engineering, which allows attackers to bypass technical security measures.

“Phishing offers the path of least resistance in the BEC context, as a well-crafted email can trick a victim into performing actions that benefit the attacker — whether directly fulfilling the goal (e.g., transferring funds) or executing an intermediary step (e.g., providing credentials that the attacker can subsequently abuse),” the researchers write.

“But note, also, the significant contribution of previously compromised account/credentials. These are cases in which a threat actor stole, bought, or found credentials and used these to log in to some application or system within the IT environment. In some cases, they simply logged in to the email service itself.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Arctic Wolf has the story.

RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works: