Ransomware attacks wreak havoc

Ransomware attacks have been stepped up in 2020, greatly increasing the potential damage faced by organisations everywhere.

Specialist insurer Beazley has reported that ransomware attacks increased in terms of both severity and costs this year, compared to 2019, and have become the biggest cyber threat facing organisations.

According to the latest Beazley Breach Insights report, the total cost of ransom payments doubled year-on-year through the first six months of 2020, based on incidents reported to Beazley’s in-house breach response team, BBR Services.

The nature of ransomware attacks has also markedly changed in 2020. Today’s ransomware incidents are more likely to include a threat to release stolen data versus encryption alone. Threat actors increasingly have prior access to a network before deploying their attacks, during which time they are working to escalate their privileges, move laterally through the network, and perform reconnaissance on the network and data stored on it. Frequently, they now also exfiltrate data and upload it to an external site, both to prove that they have access and to threaten exposure.

Multiple layers of security needed

Despite the growing complexity of the attacks, there are opportunities to disrupt criminals’ activities during the cyber extortion process. However, this requires regular and thorough training of employees on how to avoid this evolving threat. Organisations should not only try to prevent a ransomware infection, but also prepare, in case they do get infected, through multiple layers of security, each reducing the risk and probability of ransomware.

Paul Bantick, Beazley’s global head of Cyber & Technology, comments: “In an incredibly challenging year in which ransomware has become the biggest cyber threat to impact individuals and organisations alike, the severity of ransomware attacks has continued to escalate. Our underwriting, claims and threat intelligence database shows that ransomware attacks are much more sophisticated and severe, thus it is critical that organisations adopt a layered approach to security and take stringent measures to make it hard for threat actors at every step.”