2021 has borne witness to a massive spike in the number of ransomware campaigns being initiated.
According to research data produced by CybSafe‘s, there has been a 900% growth in this type of attack during the first half of 2021 when compared with the same time period from 2020. In tandem with this there has also been significant increases in cost of the cybersecurity required to keep organization safe from this type of attack and the cybercriminals have also been demanding larger ransoms be paid in order to release the locked data.
So far in 2021 there have been major ransomware attacks on many healthcare service providers, including the Health Service Executive, resulting in concerns related to the impact this might have on the provision of patient care. The attack in Ireland took place after one person replied to an email from the Conti ransomware group, allowing them to encrypt files. Recovery of the files took up to nine months, however it is not believed that the $20m ransom demand was met.
There has been a measure of success in relation to holding ransomware groups to account for their crimes. The U.S. government has elevated this type of crime to the same status as that of terrorist attacks and dedicated more manpower to dealing with them. Some Of The success encountered so far include:
- Taking down the REvil ransomware infrastructure
- Dismantling the Darkside operation and BlackMatter
- Arresting suspected members of the Clop ransomware group
Additional in Europe authorities apprehended twelve people believed to be working on the LockerGoga, MegaCortex, and Dharma ransomware campaigns. These successes will have an impact in the short term but it will not be long before some group, or new strain of ransomware, fills the vacuum that has been created. This is why steps are required in order to address the potential for organizations being infiltrated by the cybercriminals responsible.
Companies face a daunting challenge to protect themselves from attacks like this due to the wide variety of tactics that hackers can use. The starting point should be ensuring that phishing emails are being tackled head on as they are the point of origin for the vast majority of ransomware attacks. This email will be used to deploy malware or steal the credentials needed to access corporate networks and databases.
A cybersecurity solution like SpamTitan will route out malicious messages and stop them from landing in the inboxes of unsuspecting staff members. While staff training can help it will always need to be backed up with a technical solution like this. SpamTitan, for instance, completes an in-depth analysis of all email content and can spot malicious links and email attachments which will be placed in a quarantine folder where they can be reviewed. This means security teams can see how these types of threats are aiming to take advantage of the organization. Additionally, it means that false positives to be identified so filtering rules can be amended appropriately. This solution uses dual antivirus engines, sandboxing that allows suspicious attachments to be analyzed to identify new malware strains, and machine learning technology to ensure that spam filtering learns more the longer that it is used.
In the background, a huge variety of reviews and controls see to it that malicious messages are removed. Managers can control this via a clean, easy-to-use interface that requires no technical skills to navigate and use. All information and controls are simple to learn and control.
Contact the TitanHQ team now to find out more about using this solution.TitanHQ solutions can be trialled for free.