Ransomware, the biggest threat to businesses in 2022

Ransomware

We discuss the growing threat of ransomware and its effect on business with new data from the Kroll Threat Landscape Report.

The ongoing threat of ransomware taking over a company is not something to be taken lightly. Kroll, a provider of services and digital products related to valuation, governance, risk, and transparency, released its Threat Landscape Report, analyzing the increase of threats over 2021, this revealed ransomware as the dominant threat type. The report was the company’s first created and is scheduled to be published quarterly.

In 2021, the increase in ransomware attacks was noticeable, with large store chains such as Spar being a notable victim. It comes as no surprise that the Kroll report states the number of attempted attacks has doubled during the year from 20% in the first quarter to 46% by the third quarter. Incidents of unauthorized access and the insider threat risk increased , but to a lesser extent than ransomware, making up 25% of recorded incidents in the same period.

It can be argued that this trend was predicted, as the annual Cyber Polygon’s event ran a simulation based on the scenario of a cyber attack pandemic. This interestingly was back in 2020 before the significant increase in attacks, so the experts predicted the wave accurately and have since discussed the threat in more detail with security experts from around the world, including Interpol.

Discussion from Cyber Polygons on protecting from Ransomware

The Kroll report looks at the evolution of cyber threats, including the most prominent threat incident attack methods, most frequently targeted sectors, perpetrators, and potential future risks.

The most important thing for businesses is to prepare to defend against an attack ahead of time rather than react after the incident. Ioan Peters, Managing Director and Co-Regional Lead in EMEA for Kroll’s Cyber Risk practice, comments, “Ransomware remains a huge threat to organizations of all shapes and sizes. We’ve seen threat actors mobilize and expand their efforts since the beginning of the pandemic. Incidents like the Conti leak only serve to democratize the methods used by cybercriminals to gain access to businesses. An ounce of prevention is worth a pound of cure when it comes to ransomware, so we encourage all businesses to constantly evaluate the security controls they have deployed rather than waiting for an incident to occur.”

In the past year, the public has witnessed examples of the way the medical sector and supply chain services have been targeted. However, the Kroll report shows that healthcare attacks make up only 12% of all attacks included in the study. Interestingly it identifies the professional services sector as the most targeted sector overall in Q3, increasing by nearly 4% compared to the previous quarter to 22%.

This increase is most likely due to attackers utilizing supply chain breaches within professional services firms to make the effects of their attack as widespread as possible. Other sectors that were heavily targeted include technology and telecommunications (13%), financial services (13%), and manufacturing (10%).

Petersstated,“Attacks on the global health care sector are particularly astounding given the strain on these services through the pandemic. Following an initial ‘ceasefire’ from threat groups in March 2020, the Conti group, which accounted for the largest number of incidents in Q3 (31%), has developed a reputation for targeting hospitals and other emergency medical services. Sadly, these attacks can result in life-threatening consequences, and therefore, these organizations do need to focus on ensuring that they have all possible safeguards in place.”

For a very long time, the public viewed hackers as just a single man hiding in a basement; this is not the case now as ransomware has turned into entire organizations working as a company, hiring employees, and even paying them a salary. There is a lot of money to be made in this area regardless of their choices’ ethical issues.

Phishing and social engineering remained the most prominent infection vectors in Q3, despite instances falling by 9%. Strikingly, third-party vulnerability exploitation was up 12% on the previous quarter as threat actors weaponized the pandemic and used it as an opportunity to hit vulnerable businesses as they move more of their operations online. Petersconcluded:“As the pandemic continues to impact the way we work globally, the risks poised from threat actors looking to take advantage of business vulnerabilities have increased as security teams struggle to keep up.”

Read More:

The only way to defend against this wave is to evolve the business threat protection; luckily, many new security systems are being created to help fend off attacks. Peters states, “Businesses must ensure they are evolving with threats to ensure maximum protection for their business and clients. Strong identity protection such as multifactor authentication (MFA) is often the best step a business can take to protect itself in terms of outlay and reward. It’s relatively simple to set up and can prevent an overwhelming majority of attacks. A large majority of Q3 victims were businesses that did not have fully implemented MFA in place.”

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Erin Laurenson

Multimedia Content Producer for TBTech

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...