Whatever the name, ransomware always causes problems. But some forms are definitely more prolific than others. As proof, four strains of ransomware together account for almost 70% of all cyberattacks.
LockBit and Conti lead threats
According to analysis by cybersecurity firm Intel 471, the most prevalent ransomware threat at the end of 2021 was LockBit 2.0, which accounted for 29.7% of all reported incidents. Recent LockBit victims include Accenture and the French Ministry of Justice.
Almost one in five incidents involves Conti ransomware, notorious for several incidents over the past year, including an attack on the Irish Health Services (HSE). The group’s discussions were recently leaked, providing insight into how a ransomware group operates. Meanwhile, PYSA and Hive are each responsible for one in ten ransomware attacks.
“The most prevalent ransomware strain in Q4 2021 was LockBit 2.0, responsible for 29.7% of all reported incidents, followed by Conti at 19%, PYSA at 10.5% and Hive at 10.1%” , say the researchers.
The sectors most affected
Intel 471 cybersecurity researchers examined 722 ransomware attacks that took place between October and December 2021 and identified the most impacted sectors.
Topping the list were consumer and industrial products, which accounted for almost a quarter of organizations affected by ransomware attacks, up sharply from the previous quarter. Consumer products and industrial products are a tempting target for criminals who use ransomware, as these are services that people depend on as part of their daily lives. If the provider’s network is encrypted, users cannot access the services they need. One of the most high-profile instances of this issue occurred in 2020 when wearables, fitness trackers and smartwatch maker Garmin was hit by a ransomware attack, blocking its services to users. Garmin would then have paid a ransom of several million dollars for a decryption key, in order to be able to restore its services.
The manufacturing industry is the second most affected sector, with 15.9% of ransomware attacks. Many manufacturing companies work around the clock, often producing life-saving goods that people need every day.
Professional services and consulting is the third most targeted sector for ransomware, with 15.4% of incidents, followed by real estate, with 11.4%.
Life sciences and healthcare was the fifth most targeted sector, following an increase in attacks against it. This category includes cyberattacks targeting hospitals. The latter are a tempting target, because due to the nature of healthcare, if networks are offline, patients cannot be treated. Some hospitals therefore pay ransoms in the hope of restoring their services more quickly.
Prevention is better than cure
Ransomware remains a major cybersecurity problem and cyberattacks using it continue to bear fruit as many victims choose to pay the ransom. However, more and more voices are being raised to avoid this practice, as experience shows that this approach encourages other attacks.
To avoid falling victim to ransomware cyberattacks, businesses can take steps. First, they should apply security patches as quickly as possible, to prevent cyberattackers from exploiting known vulnerabilities. It is also recommended that you apply multi-factor authentication across your entire network, to make it more difficult to break into accounts and exploit them to lay the groundwork for a ransomware or other software attack. malicious.
Organizations should also regularly update and test offline backups. Thus, in the event of a successful ransomware attack, it is possible to restore the network without paying the ransom.
Source: ZDNet.com