Ransomware’s Serious Effects On Cyber Security

Uploaded on 2022-06-14 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

In the last few years, we have seen ransomware go from a cybercriminal annoyance to a real national security threat. Prior to this ransomware was a frustrating malware incident requiring a fewhundred dollars. Today, find ransomware has evolved into large, enterprise-wide data breaches that are, in some cases, asking for millions in ransom. 

Cyber security leaders and analysts have been shocked by attacks like SolarWinds supply chain compromise, through to the Colonial Pipeline ransomware attack and issues with the Ukraine conflict. 

Ransomware is now a massive concern for cyber security professionals, according to the 2022 Infosecurity Group State of Cybersecurity Report.

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network.

The ransomware boom under US President Obama's administration which approached it as part of an overall response cyber crime. That involved putting agents on the ground around the world to score tactical wins in countries that were otherwise uncooperative, but defence against such attacks fell down the list of priorities under Trump even as ransomware itself boomed.

This new report reviews and analyses cyber security professionals worries and this year’s study found ransomware was 28% concern, the biggest trend among the respondents (28%). This is closely followed by geopolitics/nation-state attacks (24%) and supply chain attacks (22%). 

Ransomware has become increasingly more sophisticated, with authorities stepping up their response in an effort to thwart these attacks and put pressure on ransomware groups.

Ransomware attacks have increased because they remain effective in not only locking up customer data but bringing businesses to a halt and offering huge financial gain for the attackers.

Geopolitical unrest was also a critical talking point in this years’ report with the war in Ukraine causing a shift in hostilities into cyberspace. Expectations for global change to address cyber warfare was heightened amongst the respondents.

Other Key Trends Include:

  • Cloud/multi-cloud security.
  • Remote work and return.
  • 'Deperimeterisation' & Zero trust.
  • Cybersecurity awareness/human behaviour.
  • AI/ML (including deep fakes).
  • Phishing/ Social engineering.
  • IoT security and standardisation.
  • Identity and access management.
  • Data protection/identity theft & cyber crime.

Companies Are Finding Success Using These Measures:

  • Securing all RDP:  COVID-19 saw workforces shift to work from home—and home networks are often rife with poor security. Solid basic hygiene would include strong passwords, multifactor authentication, software updates, restricted access, and network-level authentication.
  • Patch Management:  Legacy systems, be it OT or IT, chug along on old software with security gaps. After RDP and phishing attacks, vulnerable software is the next largest attack vector, which is why securing communication channels and patching Windows operating system exploits remain vital.
  • Disabling user-level command-line capabilities and blocking Transmission Control Protocol (TCP) port 445:  Ransomware threat actors run free or low-cost software and scanning tools, searching for things like credential harvesting and internal unsecured port discovery from command-line prompts. If command-line capabilities end up disabled, the company becomes a more difficult target. Additionally, blocking port TCP 445 on external-facing infrastructure and internal firewalls also helps reduce the attack surface.
  • Protect Active Directory:  Active Directory is a database and set of services that connects users with the network resources they need to get their work done. The database (or directory) contains critical information about your environment, including what users and computers there are and who’s allowed to do what.
  • Education & Training:  Cyber awareness training and education should be mandatory. You don’t need to be a highly trained and skilled cybersecurity professional, but basic changes in behaviour and awareness of where and how threats can enter your organisation can further reduce risks.

The State of Cybersecurity Report is based on interviews conducted in March 2022 which gathered the opinions numerous cybersecurity experts via online written responses and online one-to-one video interviews for a deeper dive into the state of cyber security.

Infosecurity Magazine:   Infosecurity Magazine:   NCSC:   Technology ReviewZDNet:     McKinsey:   Everbridge:  

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine
Using Artificial Intelligence In Military Operations »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Secunet Security Networks

Secunet Security Networks

Secunet is a leading cyber security company offering a combination of consultancy and products, delivering the highest level of security for data, applications and digital identities.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

NT Cyfence

NT Cyfence

CAT Cyfence is the IT Security services business unit of CAT Telecoms.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

SecuLetter

SecuLetter

SecuLetter is able to detect unknown attacks with hybrid approaches, static and dynamic analysis.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

Techfusion

Techfusion

Techfusion is a cyber security research and consulting firm focusing on digital forensics and data recovery.

Quantinuum

Quantinuum

Quantinuum is the combination of Cambridge Quantum with Honeywell Quantum Solutions, structured to drive the future of quantum computing.

US Army Cyber Command (ARCYBER)

US Army Cyber Command (ARCYBER)

US Army’s Cyber Command (ARCYBER) is engaged in the real-world cyberspace fight today, against near-peer adversaries, ISIS, and other global cyber threats.

BlockSec

BlockSec

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top security researchers and experiencedexperts from both academia and industry.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.