The frequency of ransomware attacks has increased significantly over the past year, with 93% more in the first half of 2021 than in the same period last year, according to Mid-Year Check Points Safety Report.
The upsurge in attacks has been fueled by the rise of the ‘triple extortion’ ransomware technique whereby attackers, in addition to stealing sensitive data from organizations and threatening to publish it publicly unless a payment is made, also target customers, suppliers or business partners in the same way.
Along with the dramatic increase in ransomware attacks, businesses have also seen a 29% increase in the number of cyberattacks globally, with the highest growth seen in Europe, Middle East & Africa (EMEA) and in the Americas, with 36% and 24% respectively. .
While the Asia-Pacific region (APAC) saw only a 13% increase in attacks, it experienced the highest number of weekly cyber attacks with 1,338. The weekly number of the EMEA was 777, while that in the Americas was 688 per week.
The report further noted an increase in the number of attacks targeting supply chains in 2021, including the high-profile attack on SolarWinds in December 2020, as well as attacks on Codecov in April and, more recently, Kaseya in July.
Following the withdrawal from the Emotet botnet operation, which was completely wiped out in April 2021, the report also noted that a number of other malware – including Trickbot, Dridex, Qbot, and IcedID – is rapidly gaining ground. popularity.
“During the first half of 2021, cybercriminals continued to adapt their work practices to exploit the shift to hybrid work, targeting organizations’ supply chains and network links with partners for maximum disruption.” , said Maya Horowitz, vice president of research. at Check Point Software.
“This year, cyber attacks continued to break records and we even saw a huge increase in the number of ransomware attacks, with high profile incidents like Solarwinds, Colonial Pipeline, JBS or Kayesa.
“Going forward, organizations need to be aware of the risks and ensure they have the right solutions to prevent, without disrupting the normal business flow, the majority of attacks, including the most advanced. “
The report also makes a number of predictions for the second half of 2021, including that ransomware attacks will continue to proliferate despite increased investment by governments and law enforcement agencies, especially the Biden administration in the United States. United.
The specific trend of triple extortion is also set to grow even further and will require organizations to establish “collateral damage” strategies to deal with the fallout from attacks that can affect multiple organizations at once.
A separate report from Unit 42 of the Palo Alto Network in May 2021 found that extortion via ransomware had become a very lucrative business, with the average ransom paid by victim organizations in Europe, the United States and Canada. having almost tripled between 2019 and 2020.
The Check Point report added that while authorities are expected to experience some success due to increased investment and the deployment of more advanced tools, threat actors will also evolve and new ransomware groups will emerge, which will also have access to better tools.
Over the past two years, for example, the report notes that there has been an acceleration in the use of penetration tools such as Cobalt Strike or Bloodhound, giving hackers live access to compromised networks and allowing them to modify their attacks on the fly.
Last year, Check Point’s mid-year report found that cyber attacks increased by a third at the end of June compared to March and April 2020, which was largely due to developments related to the pandemic.