Ransomware Persists as a Major Cybersecurity Concern [Weekly Cybersecurity Brief]

Alert displaying ransomware detected in a company's database
Share on facebook
Share on linkedin
Share on twitter
Share on email
Share on whatsapp

Hopefully your Labor Day weekend was filled with last minute summer activities or catching up on some much-needed rest. In the cybersecurity world, however, holidays such as this past one is accelerators for concern. In fact, the FBI and Cybersecurity and Infrastructure Security Agency issued an alert to organizations before the break advising them to remain vigilant. One of the main issues driving cybersecurity anxieties is the threat of ransomware attacks. This week, we examine some of the latest stories covering ransomware growth and targets.

According to new data gathered by the NCC Group, the number of ransomware attacks increased by 288% between the first and second quarters of 2021. As Infosecurity Magazine reported, the organization’s own Research Intelligence and Fusion Team found that of the cases it dealt with, nearly a quarter stemmed from the Conti group, which typically launches its attacks via phishing emails. NCC Group’s study revealed that 49% of victims were located in the United States. Christo Butcher, global lead for threat intelligence at NCC Group, shared with the outlet that no sector is immune from such attacks. “It’s therefore crucial for organizations to be proactive about their resilience,” he said.

While the Infosecurity Magazine article also stated that some believe that the ransomware rate has remained stable over the last 18 months with media attention and coverage growing instead, there is still no doubt that ransomware remains a problem. A piece published in the Washington Post and Philadelphia Inquirer pointed out that this is particularly true for cities. As Joseph Marks wrote, “Public reports show more than 400 such attacks have hit city and county governments in the United States since 2016, impeding emergency responders, stalling tax payments, and forcing government offices back to pen-and-paper operations for weeks on end.” The cost of a ransomware attack becomes even more difficult to handle when impacting an underfunded city. For instance, after being hit by an attack in 2019, it took New Orleans nearly a year to fully rebound. This becomes even more concerning considering the surge in incidents brought about by influencers such as the evolving cryptocurrency market and expansion in the presence of “ransomware-for-hire gangs.” One potential silver lining for cities is the $1 billion included in the recent infrastructure bill.

In addition to cities, ransomware threats have disrupted a number of other networks including education institutions. Just recently, Howard University released a statement about a ransomware cyberattack that interrupted internet service for part of the campus. According to the university, its information technology team took systems offline as soon as it learned of the issue. “We are currently working with leading external forensic experts and law enforcement to fully investigate the cause and impact,” the school shared.

 

Key Takeaways:

“Ransomware Attacks Soar 288% in First Half of 2021” – Phil Muncaster, Infosecurity Magazine

https://www.infosecurity-magazine.com/news/ransomware-attacks-soar-half-2021/

  • According to new data gathered by the NCC Group, the number of ransomware attacks increased by 288% between the first and second quarters of 2021.
  • Forty-nine percent of victims were located in the United States.
  • “It’s therefore crucial for organizations to be proactive about their resilience,” stated Christo Butcher, global lead for threat intelligence at NCC Group.

“Ransomware attacks are rising, and cities are taking some of the biggest hits” – Joseph Marks, (Washington Post), The Philadelphia Inquirer

https://www.inquirer.com/business/ransomware-attacks-are-rising-cities-are-taking-some-biggest-hits-20210904.html

  • Ransomware is a particular concern for cities, especially those that are underfunded.
  • Joseph Marks wrote, “Public reports show more than 400 such attacks have hit city and county governments in the United States since 2016…”
  • In the infrastructure bill passed in the Senate, $1 billion has been included for cybersecurity efforts.

“Howard U. investigating alleged ransomware attack” – Paul Schwartzman, The Washington Post

https://www.washingtonpost.com/education/howard-university-ransomware-attack/2021/09/06/e2bbfb0c-0f66-11ec-bc8a-8d9a5b534194_story.html

  • Howard University released a statement about a ransomware cyberattack that interrupted internet service for part of the campus.
  • According to the university, its information technology team took systems offline as soon as it learned of the issue.
  • “We are currently working with leading external forensic experts and law enforcement to fully investigate the cause and impact,” the school shared.

Discover More: