Trending data going back to January of 2020 shows that ransomware attacks are continually increasing in number with unusual highs in the 4th quarter.
Recently, Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist wrote an article about how ransomware is about to get much worse. In it, he highlighted how ransomware gangs are moving beyond the “simple” multi-faceted extortion tactics and are becoming “do anything attack gangs.” In essence, with so much experience under their collective belts, ransomware gangs understand there are lots of ways to make money off of a victim organization.
It may be one of the reasons new data from security vendor BlackFog in their BlackFog Global Ransomware Report shows that the last two months have experienced the highest number of ransomware attacks ever – in a continually-increasing trend that doesn’t seem like it’s going to end.
To aid Roger’s assertion that attack gangs are looking beyond just encryption of data, according to BlackFog, 89% of ransomware attacks include exfiltration and 86% of them use PowerShell (which, with the proper credentials, gives the threat actors the ability to do just about anything they can think of within your network).
If you didn’t think ransomware was serious, you had better catch up and realize the trend is only going to continue. BlackFog do cite the same Coveware initial attack data I recently covered that shows phishing as the leading initial attack vector – making Security Awareness Training an effective means to minimize the risk of users falling for those phishing emails designed to launch ransomware attacks that make their way past security solutions.