Zscaler ThreatLabz, the research arm of Zscaler, a San Jose-based cloud security company, recently unveiled its 2022 State of Ransomware Report. The report among many discoveries was focused on the steep rise in ransomware attacks and the causes behind it.
Some of the key findings of the report were:
- Ransomware attacks increased by 80% year-over-year with Ransomware-as-a-Service (RaaS) being used by eight of the top 11 ransomware families
- Nearly one in five ransomware attacks target manufacturing businesses, making this industry the most targeted for the second year in a row
- Healthcare (650% increase) and Restaurant and Food Service (450%) industries saw the biggest growth of ransomware attacks when compared to 2021
- Ransomware families are rebranding to evade law enforcement and continue to infect businesses
- Supply chain ransomware attacks are multiplying damages and allowing attackers to bypass traditional security controls
- The Russia-Ukraine war is threatening an increase in ransomware combined with other attack techniques, such as the pairing of PartyTicket ransomware and HermeticWiper malware
Even the World Economic Forum, a global body of business and trade, validates the rise in ransomware attacks. “As online working surged during the pandemic, so did cybercrime – ransomware attacks rose 151% (referring to SoninWall’s research) in 2021. There were on average 270 cyberattacks per organisation in 2021, with each successful cyber breach costing a company $3.6m,” says WEF.
Another very interesting survey done by Accenture, which involved 4,744 respondents from across the world around the current state of cybersecurity resilience, found that 85% of CISOs agree or strongly agree that the cybersecurity strategy is developed with business objectives, such as growth or market share, in mind. Yet, 81%, also said that “staying ahead of attackers is a constant battle and the cost is unsustainable” compared with 69% in 2020.
The Zscaler ThreatLabz 2022 Report says that ransomware is getting more attractive to the attackers, who are able to wage increasingly profitable campaigns based on three major trends:
Supply chain attacks that exploit trusted vendor relationships to breach organizations and multiply the damage of attacks by enabling threat actors to hit multiple (sometimes hundreds or thousands) of victims
Ransomware- as-a-service that uses affiliate networks to distribute ransomware on a wide scale, allowing hackers who are experts in breaching networks to share profits with the most advanced ransomware groups.
Multiple-extortion attacks that utilize data theft, distributed denial of service (DDoS) attacks, customer communications, and more as layered extortion tactics to increase ransom payouts.
Following are some of the key findings from the extensive 51-page report:
Based on the findings of this report, DynamicCISO spoke to Deepen Desai, Chief Information Security Officer & VP Security Research Zscaler.
“Modern ransomware attacks require a single successful asset compromise to gain initial entry, move laterally, and breach the entire environment, making legacy VPN and flat networks extremely vulnerable,” says Deepen Desai, CISO, Zscaler. “Attackers are finding success exploiting weaknesses across businesses’ supply chains as well as critical vulnerabilities like Log4Shell, PrintNightmare, and others. And with ransomware-as-a-service available on the dark web, more and more criminals are turning to ransomware, realising that the odds of receiving a big payday are high,” he says.
You can listen to this insightful interview here.