Ransomware is a type of malware that locks down files, data or systems, and threatens to erase or destroy the data – or make private or sensitive data to the public – unless a ransom is paid to the cybercriminals who launched the attack. Recent ransomware attacks have targeted state and local governments, which are easier to breach than organizations and under pressure to pay ransoms in order to restore applications and websites which citizens rely on.
The data below was recorded by a software company called BlackFog, a leader in device data privacy, data security and ransomware prevention using behavioral analysis and anti-data exfiltration (ADX) technology.
Ransomware started strong in 2022 with a significant attack on Bernalillo County in New Mexico which resulted in the closing of most government buildings and impacted education in the area. The cyberattack also had a knock-on effect at a county jail when the security camera and automatic doors were knocked offline leaving the inmates in lockdown.
In March, Automotive giant Toyota made news when they were forced to halt production across all plants in Japan after a ransomware attack on a key supplier.
Over half of all ransomware attacks reported during the first three months of this year are the work of just two cyber-criminal outfits (Lockbit 2.0 and Conti).
Towards the middle of the year, education and government were the hardest hit verticals in May, with an attack on Indian airline SpiceJet and farming equipment maker AGCO making headlines globally. The BlackCat criminal gang disrupted some systems, demanding a ransom of 5 million from the Austrian state of Carinthia and 4.5 million from University of Pisa.
Healthcare organizations were targeted the most in August with 10 different incidents recorded, including an attack on the UK’s NHS as well as an attack on a French hospital which resulted in a massive $10,000,000 ransom demand.
An alarming 44 incidents made ransomware news in October, setting a new record for BlackFog. Ferrari made headlines when RansomEXX posted some internal documents following an attack that the company strongly denies. A record breaking ransom of $60 million was demanded from UK car dealer Pendragon by the LockBit gang, while the month finished with an attack on hit ForceNet, the Australian defense communications platform used by military personnel and defense staff.
Several preventative measures can be taken by businesses to avoid falling victim to ransomware. These include applying security patches to software and operating systems as quickly as possible, so cyber criminals can’t exploit known vulnerabilities to enter and exploit networks. Furthermore, organizations should roll out multi-factor authentication to all users to provide an extra barrier to attacks and, if it’s suspected that a password has been hacked, it should be changed immediately.
Author: Sana Lotia