The number of ransomware attacks in the second quarter of 2020 was three times higher than in Q1, according to a IBM Security X-Force report. Although a rather disturbing statistic, it is perhaps not a surprising one, as criminals use the pandemic to ramp up their efforts to attack companies when they are potentially at their weakest.
As ransomware attacks have been generally increasing over the last few years (a report showed that 2019 saw a 41 percent increase in ransomware attacks for example), but the pandemic has been seen by many criminals as the ideal opportunity to ramp up their attacks.
One new tactic criminals have been using during this period is merging ransomware attacks with data theft and blackmailing techniques. Attacks have stolen highly sensitive information before encrypting them and if the victims decline to pay for a decryption key, the attackers then threaten to release the data to the public.
Because the value of data is so high (with the huge financial, regulatory and reputational damage that such leaks can cause companies), the stakes have been well and truly raised.
Nearly a quarter of the ransomware attacks targeted the manufacturing industry, professional services experienced 17 per cent with public sector organisations following in third at 13 percent. With so many employees now working outside of the normal corporate environment, these sectors, like many others, are more at risk than ever.
With so many workers not working in the office and outside of the usual controls associated with internal security policies, many companies are at their weakest when it comes to cyber defence. Employees may be firing up old laptops, that are no longer supported or are unpatched or taking shortcuts to get to documents that may open up an opportunity for an opportunistic criminal.
Your employees are often your weakest link even inside of the corporate environment, but sitting outside of it make them and you potentially more vulnerable than ever.
With such a huge explosion in the number and level of sophistication of ransomware attacks, coupled with the fact that companies, in many cases, are at their weakest, things are looking pretty bleak.
However, companies are turning to innovative technology in order to counter the increased threat. By remaining proactive in defence, rather than simply sitting passively behind a wall of often inadequate defensive solutions, companies are beginning to turn the tide.
For example, the use of AI cybersecurity can help employees to see potential attempts by criminals to trick them into giving them access to data or infrastructure. The nature of AI of course means that it is continuously learning and so keeps track with the pace of the criminals’ attempts to add more layers of sophistication to their attacks.
Companies that are remaining proactive and looking to innovative solutions to support their defences are finding that the threat can be drastically reduced. Employees, no longer carry the whole burden of identifying potentially criminal emails or other attempts to illicitly gain access and by using AI, companies are also matching criminals in terms of a sophisticated approach.
There will always be those who look to take advantage of a huge global event where companies and people are at their weakest, but proactivity, the use of innovative technology and finding trusted partners that can help recommend and implement solutions, will help companies deal with this increased threat.