New Barracuda research sees huge spike in ransomware
In the past 12 months, Barracuda researchers identified and analysed 106 highly publicised ransomware attacks and found the dominant targets are still five key industries: education, municipalities, healthcare, infrastructure, and financial.
Researchers also saw a spike in the number of service providers that have been hit with a ransomware attack.
The volume of ransomware threats detected spiked between January and June of this year to more than 1.2 million per month.
Barracuda has released its fourth-annual threat research report on ransomware. The new report looks at ransomware attack patterns that occurred between August 2021 and July 2022.
A closer look at ransomware trends
For the 106 highly publicised attacks our researchers analysed, the dominant targets are still five key industries: education (15%), municipalities (12%), healthcare (12%), infrastructure (8%), and financial (6%):
The number of ransomware attacks increased year-over-year across each of these five industry verticals, and attacks against other industries more than doubled compared to last year's report.
While attacks on municipalities increased only slightly, Barracuda analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled.
This year, Barracuda researchers dug in deeper on these highly publicised attacks to see which other industries are starting to be targeted. Service providers were hit the most, and ransomware attacks on automobile, hospitality, media, retail, software, and technology organisations all increased as well.
"As ransomware and other cyberthreats continue to evolve, the need for adequate security solutions has never been greater," says Fleming Shi, CTO at Barracuda.
"Many cybercriminals target small businesses in an attempt to gain access to larger organisations. As a result, it is essential for security providers to create products that are easy to use and implement, regardless of a company's size,' he says.
"Additionally, sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats. By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyberattacks."
How to protect against ransomware attacks
There are five steps you can take now to protect your organisation:
- Disable macros Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
- Set up network segmentation Implementing robust network segmentation will help reduce the spread of ransomware if it does get into your system.
- Remove unused or unauthorised applications Investigate any unauthorised software, particularly remote desktop or remote monitoring, which could be signs of compromise.
- Enhance web application and API protection services Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including distributed denial of service (DDoS) protection.
- Reinforce access control on backups Backup should be offline/cloud credentials should be different than normal credentials.
Rule-based security solutions are going to be weak against these type of attacks and the ways they are evolving. As the attack surface expands, it requires artificial intelligence both to drive efficacy and to understand the behaviour of these attacks.