Ransomware is seen as one of the highest threats in cybersecurity recently. The global threat intelligence team (Unit 42) and incident response team (The Crypsis Group) of Palo Alto have collaborated to be able to make the 2021 Unit 42 Ransomware Threat Report which contains the latest insights and data on top ransomware variants, ransomware payment trends and security best practices.
To further delve into the ransomware landscape, global data from Unit 42, the USA, Canada, and Europe from Crypsis were also utilized.
Part of the report’s highlights included the top three countries which were largely impacted by ransomware attacks where operators would leak victim data. These were the United States (47 per cent), Canada (12 per cent), and Germany (8 per cent). The average cost of these ransomware nearly tripled to $312,493.00 US and the ‘highest amount paid’ and ‘highest amount demanded’ doubled to $10 million US and $30 million US, respectively.
The healthcare sector is one that is mostly targeted for vertical ransomware in 2020. These operators have the goal of making as much money by attacking healthcare facilities, well knowing that these continue to operate and could not afford lock outs in their systems, making them more likely to pay the ransom fees. One of these is the Ryuk ransomware where in October 2020, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS), warning healthcare organizations against Ryuk attacks.
In a common ransomware attack, the operator will force the victim to pay a ransom to unlock the encrypting data. In double extortion cases, operators would encrypt and steal data to further the victim into paying more ransom. If the victim does not pay this ransom, the operators will then leak the data into a leak site or the dark web. At least 16 different ransomware variants are now being used to threaten to expose data. NetWalker is known as the ransomware family that used this operation a lot. From January 2020 to January 2021, the organization leaked data from 113 victim organizations globally. Followed by NetWalker is RagnarLocker which leaked data from 26 victims, globally. The US Department of Justice announced early this year that it has also coordinated with international law enforcement agencies to put an end to the operations of the NetWalker ransomware gang.
Get the full 2021 Unit 42 Ransomware Threat Report for more research and best practices to implement in your organization.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…