Ransomware Attacks Expected to Continue In 2021
Ransomware attacks are growing in frequency. In 2020, we saw a rise in the proportion of attacks involving ransomware or other types of malware, and this trend is expected to continue into 2021.
According to Positive Technologies’ study on the cybersecurity threat landscape, ransomware is “reaching businesses with rising frequency” – accounting for 39% of all malware-related attacks.
The distinction between such a ransomware attack and a security breach appears to become somewhat hazy. In recent years, it is observed where attackers stole confidential data before launching an attack, and then they threaten to release it to the public – often from their website – if the victim refused to pay the ransom.
Computers are constantly being used to intimidate companies, whether with blackmail or with threats of undermining their reputations, to collect confidential information to use against them by hiring cybersecurity managed services.
As cyber-criminals are more advanced, they use machine learning methods to bypass security measures. otherwise known as ‘entries that ransomware is capable of hiding inside virtual machines and cache copies of the data when there are no cybersecurity providers’
The regular state-sponsored ransomware activity in 2021 will also be carried out by “the big four.”
State-sponsored ransomware attacks
We assume that as global tensions grow, state-sponsored ransomware will increase for both frequency and intensity. The bulk of state-sponsored ransomware attacks continue to originate from “the big four” – Russia, China, Iran, and North Korea – with most victims being the US or European-based businesses without having cybersecurity managed services by their side. State-sponsored hackers have increased their sophistication to inflict further damage, including the use of third-party “vendors” to deliver Ransomware-as-a-Service (RaaS) attacks. Still, this sophistication will almost certainly result in an increase in state-sponsored attacks in 2021.
This is corroborated by the 2019 Verizon Data Breach Report, which found that nation state-sponsored cybercriminals increased from 12% in 2017 to 23% in 2018 – a pattern expected to continue 2021.
Healthcare is bound to stay a prioritized industry.
Most countries are concerned about the coronavirus pandemic and will turn to healthcare as a result; because criminals cannot bear the burden of failing to monetize a crisis, the likelihood is that this issue will be used for illegal purposes. About half of all data breaches will be attributed to ransomware by 2021 if they do not utilize cybersecurity managed services.
More lives can be at stake due to ransomware attacks in 2021
According to a post by The New York Times, a woman died in September due to delayed care following a ransomware attack on a hospital in Düsseldorf, Germany. This was reported to be the first fatality associated with a data breach to date.
Cybercriminals will try to devise more heinous methods of extortion in the absence of cybersecurity managed services. More medical research labs and biotechnology firms are likely to be threatened as they race to produce coronavirus vaccines with cybersecurity-managed service providers ensuring robust security.
Double-extortion attacks may take center stage.
A double-extortion malware attack happens when hackers extract confidential data from the victim’s device before encrypting their information. They then threaten to reveal the victim’s data if the ransom is not paid. According to Checkpoint, the regular average with double ransomware attacks has risen by 50%.
Because healthcare documents are currently selling between $100 and $500 on the dark web, a dual attack guarantees that the perpetrator wins even though the victim refuses to pay, explaining why these attacks are gaining popularity.
Businesses would need to have ransomware response plans
Since hackers are now extracting victim data before encrypting it, ransomware attacks can begin to be viewed as data breaches, necessitating creating structured response plans. Businesses should rely on their security teams to enforce robust incident response plans to be ready for a ransomware attack.
Ransomware payments will become illegal.
Attacks on organizations that have resulted in a ransom payment have contributed to further attacks as the attack grows in complexity.
The government has announced its intention to ban ransoming to prevent any association with terror groups. Since our adversaries are almost always nation-state-state funded, we should expect to see others acting this way.
Additionally, ransomware operators have shown a propensity for uploading exfiltrated data to legal cloud storage providers. This includes the data stored on Google Drive, Amazon S3 (Simple Storage Service), and Mega.nz. This makes such nefarious activity more difficult to detect since such sites are popular destinations for network traffic.
While it remains to be seen if data exfiltration would inevitably outpace data encryption as a source of revenue and thus the primary target of ransomware operators, this may yet prove to be the case, with Acronis, for example, forecasting just such a scenario in its Cyberthreats Study 2020.