SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
DDoS
New Barracuda research sees huge spike in ransomware
Thu, 25th Aug 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

In the past 12 months, Barracuda researchers identified and analysed 106 highly publicised ransomware attacks and found the dominant targets are still five key industries: education, municipalities, healthcare, infrastructure, and financial.

Researchers also saw a spike in the number of service providers that have been hit with a ransomware attack.

The volume of ransomware threats detected spiked between January and June of this year to more than 1.2 million per month.

Barracuda has released its fourth-annual threat research report on ransomware. The new report looks at ransomware attack patterns that occurred between August 2021 and July 2022.

A closer look at ransomware trends  

For the 106 highly publicised attacks our researchers analysed, the dominant targets are still five key industries: education (15%), municipalities (12%), healthcare (12%), infrastructure (8%), and financial (6%):

The number of ransomware attacks increased year-over-year across each of these five industry verticals, and attacks against other industries more than doubled compared to last year's report.

While attacks on municipalities increased only slightly, Barracuda analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled.

This year, Barracuda researchers dug in deeper on these highly publicised attacks to see which other industries are starting to be targeted. Service providers were hit the most, and ransomware attacks on automobile, hospitality, media, retail, software, and technology organisations all increased as well.

"As ransomware and other cyberthreats continue to evolve, the need for adequate security solutions has never been greater," says Fleming Shi, CTO at Barracuda.

"Many cybercriminals target small businesses in an attempt to gain access to larger organisations. As a result, it is essential for security providers to create products that are easy to use and implement, regardless of a company's size,' he says.

"Additionally, sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats. By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyberattacks."

How to protect against ransomware attacks

There are five steps you can take now to protect your organisation:

  • Disable macros  Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
  • Set up network segmentation  Implementing robust network segmentation will help reduce the spread of ransomware if it does get into your system.
  • Remove unused or unauthorised applications  Investigate any unauthorised software, particularly remote desktop or remote monitoring, which could be signs of compromise.
  • Enhance web application and API protection services  Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including distributed denial of service (DDoS) protection.
  • Reinforce access control on backups  Backup should be offline/cloud credentials should be different than normal credentials.

Rule-based security solutions are going to be weak against these type of attacks and the ways they are evolving. As the attack surface expands, it requires artificial intelligence both to drive efficacy and to understand the behaviour of these attacks.

Related stories
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services
Half of online traffic in 2024 generated by bots, report finds
Spirent partners with online payments platform to boost cyber defenses
Axis unveils hybrid cloud platform for adaptable security solutions
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Secolve & Asimily join forces to boost Australia's IoT security
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models