Ransomware: Cybercriminals’ Attack Technique in the New Normal

Ransomware is one of the most prevalent categories of malware that’s garnering the attention of cybercriminals this year due to its high payouts and low risk of detection.  

The Identity Theft Resource Centre (ITRC), a nonprofit organisation that provides no cost assistance to victims of identity crime, observed that mass data breaches of personal information continue to decline whilst cyberattacks are up as threat actors focus on ransomware, phishing, and brute force attacks that use already available identity information to steal company funds and COVID-19 related government benefits. 

At the height of the COVID-19 pandemic, organisations like Blackbaud surfaced in the news after being hit by a ransomware attack. Cybercriminals were paid a ransom in exchange for proof that the stolen data was destroyed. This single ransomware attack at Blackbaud encourages more cybercriminals to invest and create more malware in ransomware families to (a) extort more money from their target victims and (b) increase the success rate of a ransomware attack by making it stealthy, thus bypassing static detection that an antimalware solution offers. 

With all the ransomware attacks that have been reported in 2020, this should serve as a wake-up call for organisations, especially those who have been victims of an attack. This calls for a change in cybersecurity plans and approach to prevent an organisation from once again falling victim to future attacks. IT security teams need to step back and perform cyber risk assessments to spot the gaps where IT security lacks visibility and control. Without understanding current IT risks, this only increases the attack surface, making an organisation an easy target of a cyberattack.