News
IDC Report: One third of organisations globallu have fallen victim to ransomware attacks over the past year – IEEE expert comments
August 2021 by IEEE
International Data Corporation (IDC) research has found that more than one third of organisations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the last 12 months. It also found that those companies that fell victim to ransomware attacks were likely to have experienced multiple ransomware events of varying magnitude. Analysis of the survey results indicates that companies that are further along in their digital transformation efforts were less likely to have experienced a ransomware event.
Kevin Curran, IEEE senior member and professor of Cybersecurity at Ulster University, offers the following comment on the growing sophistication of ransomware attacks:
“Sadly, cybercrime has become an industry, and attackers are most certainly becoming far more organised. Ransomware presents a continuous challenge and attacks are growing more sophisticated by the day. It is the one of the biggest threats at the moment, and businesses and governments alike have seen a rise in ‘Ransomware Denial of Service’ attacks, with cryptocurrencies as the payment method, enabling scammers to remain anonymous and hidden from authorities. Indeed, attackers have gone to a great effort to remain under the radar of leading AV solutions.
“Once a network has been compromised, they further penetrate the connected internal network using exploits and automatic USB infection to encrypt files in addition to sending them outwards. A key threat of this malware is its ability to evade detection and it goes to great length to do so effectively. Once a device is infected, it typically encrypts all important documents on a computer and any attached network drives or backups and removes the files. Unfortunately, the only solution to most of these types of threats is to pay the scammers.
“Ryuk ransomware is possibly the best example due to its widespread popularity. It is a very sophisticated ransomware threat that has been targeting hospitals, government institutions, businesses and other organisations for the last five years. The group behind the malware is known for using manual hacking techniques and open-source tools to move laterally through private networks and gain administrative access to as many systems as possible before initiating the file encryption.”
