Ransomware is threatening organizations at an increasing rate, as the 2022 CrowdStrike Global Threat Report found an 82% increase in data leaks resulting from ransomware as well as an increase in ransomware demands.
The report found that the average ransom demand increased to $6.1 million in 2021, signifying a 36% spike compared to 2020, indicating that every sector analyzed saw significant increases in cyber threats throughout the last year.
“The report outlines the massive growth and impact of targeted ransomware, disruptive operations and an uptick in cloud-related attacks in 2021. The impact was felt across nearly every industry and in every country,” Scott Jarkoff, Director, Strategic Threat Advisory Group, APJ & EMEA, CrowdStrike told CXOToday.
He explained that the massive growth of ransomware-linked data leaks points to a changing tactic by cyber criminals that all businesses should pay attention to. Ultimately, the expansion of ransomware-related data leaks is an indicator that the “weaponization of data” has become a strategy for cyber criminals.
The report shows that enterprise risk is coalescing around three critical areas: endpoints, cloud workloads, identity and data; and provides a valuable resource for organizations looking to bolster their security strategy.
According to the report, financially motivated eCrime activity continues to dominate the interactive intrusion attempts tracked by CrowdStrike OverWatch. Intrusions attributed to eCrime accounted for nearly half (49%) of all observed activity.
CrowdStrike outlined numerous new tactics, techniques, and procedures (TTPs) used by threat actors in 2021 that allowed them to exploit thousands of organizations successfully. Threat actors are quickly finding innovative ways to deploy cyberattacks and adapt to the increasingly sophisticated security programs that organizations are investing in. For example, the report stated that adversaries such as BITWISE SPIDER avoided using publicly available exfiltration tools by developing their own.
According to Jarkoff , some of the biggest cybersecurity incidents of recent years, like the SolarWinds and Microsoft Exchange attacks, have demonstrated how an attack targeting cloud services and cloud supply chains could be powerful, particularly if cloud is misconfigured or poorly monitored.
The report highlights that the startling growth and impact of targeted ransomware, disruptive operations and an uptick in cloud-related attacks in 2021 was a palpable force felt across nearly every industry and in every country. CrowdStrike Intelligence observed an 82% increase in ransomware-related data leaks in 2021, with 2,686 attacks as of December 31, 2021, compared to 1,474 in 2020.
Therefore, robust preparation and strategic thinking are needed to reduce risk and it is crucial that CISOs working towards bolstering the security strategy of organizations deploy technology that pre-empts breaches using indicators of attack whilst also educating employees to keep out of the adversaries such as Spiders (e-criminals), Kittens (Iran nation-state) and Pandas (China nation-state). They need to remain vigilant and implement innovative technology to amplify their overall security posture.
“The two most effective things that they can do are integrating a managed threat hunting program to help stop sophisticated threats before they turn into breaches and establish an identity-centric Zero Trust architecture to protect credentials, making their networks and cloud infrastructure more resistant to cyberattacks. As the threat landscape evolves and adversaries further develop their tools, TTPs, they should also look to the future to identify how the business maintains a robust cybersecurity posture by scaling its cybersecurity solutions,” said Jarkoff.
As cyber criminals and nation-states around the world continue to adapt in the changing, interconnected landscape, it’s critical that businesses evolve to defend against these threats by integrating new technologies, solutions and strategies, the report concluded.