Changes in attack tactics in the last quarter alone demonstrate a shift in focus for ransomware gangs, as the number of attacked companies with 100 to 1,000 employees grows.
Everyone always thinks it’s “the other company” that gets attacked; another vertical, another geo, another size, etc. But the reality is, every organization is a potential target and it’s only a matter of time until it’s your organization’s turn.
New data from Coveware’s Q3 Quarterly Ransomware Report shows that attacks on the lower end of mid-market organizations (those between 100 and 1,000 employees) have risen significantly from Q2 to Q3 this year. According to the data, this grouping of companies has grown in focus by 13%. This comes at a time when the median ransomware payment has increased by 50% to over $71K and the average has grown only slightly to nearly $140K. And with 83% of all ransomware attacks threatening to publish exfiltrated data, it’s likely organizations are facing tough decisions when it comes to paying these increased ransoms.
The primary attack vectors in the mid-market as a whole continue to be RDP compromise and phishing attacks – making it fairly easy for these organizations to put protective measures in place to address the majority of ransomware attacks:
- RDP – kill basic Remote Desktop access that is Internet-facing. Put additional factors in place like VPN/SASE, MFA, and even Zero Trust solutions to minimize the risk of inappropriate access.
- Phishing – block malicious content with email filtering, sandboxing, endpoint protection, and Security Awareness Training to include users as part of your propped-up defense.