Ransomware: ‘Public incidents are only the tip of the iceberg’


The European Union Agency for Cybersecurity (ENISA) is sounding the alarm: while many ransomware attacks are publicly reported, they do not reflect the true scale of the situation. In reality, many victims refuse to disclose the attack that targeted them.

ENISA analyzed 623 incidents related to ransomware attacks between May 2021 and June 2022. The report published following these analyses presents “grim conclusions”, as ransomware becomes more and more effective and causes more devastating attacks.

Ransomware is a huge cybersecurity challenge. Indeed, many victims feel that their only choice is to pay millions in bitcoin to free their data. But very few victims talk about what happened, and ENISA stresses that “the incidents made public are only the tip of the iceberg”.

A lack of reliable data

ENISA states that in 94.2% of the cases analyzed, it was not possible to confirm whether the ransom had been paid or not. This element of uncertainty “limits our understanding, and therefore our ability to perform a correct analysis to mitigate the threat of ransomware”, notes the agency.

But that’s not the only gray area on this subject: many organizations don’t even report that they have been victims of a ransomware attack, because they “prefer to solve the problem internally to avoid bad publicity,” the report points out, making it difficult to track incidents.

This results in a lack of reliable data when it comes to building an accurate picture of the ransomware attack situation. “The lack of reliable data from targeted organizations makes it very difficult to fully understand the problem, or even know how many ransomware victims there are,” the report cautions. The report suggests that the most reliable sources are therefore the “leak sites” of ransomware groups, the sites on which they expose the data stolen during an attack.

Difficult to accurately analyze the situation

This lack of transparency also means it is difficult to investigate, analyze and learn from how attacks work, hampering efforts to protect other companies from similar incidents.

Public statements about what happened in the attacks are rare, and in the few cases that are publicly discussed, they often lack details.

“Ransomware is on the rise, and our research shows that threat actors are carrying out attacks indiscriminately. Companies of all sizes and in all sectors are affected. Anyone can become a target. We urge organizations to prepare for ransomware attacks and consider possible consequences before attacks occur,” the ENISA document warns.

Prevention is better than cure

To protect their network from ransomware and other cyber threats, organizations are advised to:

Source: ZDNet.com




