Fewer ransomware victims pay up due to better defences

Fewer victims of ransomware attacks pay the ransom due to better defences, even if the number of incidents has increased dramatically over the past year and businesses remain the top target, according to the most recent Threat Spotlight from Barracuda.

Analysing 106 highly publicised attacks across the globe, including Southeast Asia between August 2021 and July 2022, Barracuda researchers saw a notable rise in ransomware attacks targeting all industries.

Five key targets stood out as the popular among ransomware hackers — education, municipalities, healthcare, infrastructure, and financial services.

Attacks on educational institutions more than doubling, and attacks on healthcare and financial organisations tripling. 

Researchers also saw a 4% rise in attacks targeting municipalities, with attacks on critical infrastructure quadrupling over the same period — signalling cybercriminals’ intent to inflict greater damage beyond the impact on the immediate victim.

They also found that of the companies being targeted across industries, service providers were hit the most (14%), though ransomware attacks on automobile, hospitality, media, retail, software, and technology organisations all increased as well.

When it came to service providers, whether they provide IT services or other business services, these types of organisations proved to be attractive targets for ransomware gangs due to the nature of the access they have to their clients’ systems.

In 2021, a double extortion trend emerged, where attackers were stealing sensitive data from their victims and demanding payment in exchange for a promise to not publish or sell the data to other criminals. 

In addition to this, this year’s research found instances when attackers are now demanding a late fee or penalty if ransom payments are not made promptly.

The good news is that this year saw fewer victims paying the ransom and more businesses standing firm thanks to better defences, especially in attacks on critical infrastructure. 

Researchers also noted how improved collaboration between nation states and government leaders has also created a collaborative environment for cracking down on these crimes.

Mark Lukie, Barracuda director of solution architects in the Asia the Pacific region (APAC), said that ransomware is still a major challenge for businesses across the world and in the Asia-Pacific region. 

“It’s a global problem, which our research shows continues to escalate as criminals find new ways to exploit their victims for financial gain,” said Lukie.

Barracuda recommends taking five steps to defend against these attacks, which includes implementing execution prevention by disabling macro scripts from Microsoft Office files transmitted via email, setting up network segmentation to reduce the spread of ransomware if it does get in your system, and removing unused or unauthorised applications, which could be signs of compromise along with enhancing web application and API protection services and reinforcing access control on backups.

Lukie said many cybercriminals target small businesses in an attempt to gain access to larger organisations. 

As a result, it is essential for security providers to create products that are easy to use and implement, regardless of a company’s size. 

Additionally, sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats.

“By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyberattacks,” added Lukie.