With COVID-19, cybercriminals ramped up their attacks. The number of ransomware attacks in 2Q 2020 (April through June) more than tripled from the previous quarter, representing nearly one-third of the attacks remediated by the IBM Security X-Force this year, says one report.
And, going into 2021, ransomware attacks show no signs of slowing. They’re becoming more targeted, sophisticated and costly—hardly a surprise given the continued success that cybercriminals have had in shaking down their victims this year.
5 Ransomware Trends for 2021
With that in mind, here are five ransomware trends we expect to see in the coming year and how you can help prepare your customers for them.
- More Cyber Insurance– ResearchAndMarkets predicts that the post-COVID-19 global cyber insurance market will grow from $7.8 billion in 2020 to $20.4 billion by 2025—a 21.2 percent CAGR—fueling a rise in ransomware attacks as cybercriminals increasingly seek out organizations with cyber insurance.
- More Targeted Attacks – Attacks will only get worse as cybercriminals become better at targeting organizations. What do they look for in a potential “victim”? Among other things:
- Revenue – With ransom demands ranging up to 10 percent of an organization’s revenue, it makes sense that cybercriminals would seek out organizations with higher revenues.
- Cyber insurance – Insurers pressure their clients to pay ransoms instead of the far more expensive post-attack remediation costs, providing cybercriminals with easy targets.
- Tolerance for downtime – Industries with a low tolerance for downtime—such as manufacturing, education, government and healthcare—have much more to lose if they don’t heed ransom demands.
- Tactics are Evolving – Threat tactics are continuing to evolve, resulting in more serious repercussions for organizations. One is the addition of extortion to the initial demand for ransom. It works like this: cybercriminals steal an organization’s information and, prior to encrypting it, demand a ransom. If the organization refuses to pay, attackers then threaten to release their data publicly, forcing them to choose between paying the ransom or paying the cost of a data breach. This tactic—and others that threat actors are adopting as they continually adjust their “business” models—show no signs of slowing in 2021.
- Ransom Demands Increasing – Ransoms continue to rise, with $10 million+ demands becoming the norm, suggests one threat researcher. In some cases, ransom demands have exceeded $40 million.
- Sanctions Ahead – To deter cybercrime, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently issued an advisory, saying: “Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”
How You Can Help Customers Prepare
Most organizations are not in the security business and have neither the time nor the resources to become security experts. In fact, a recent Cisco report found that 34 percent of IT decision makers are outsourcing incident response services, and 36 percent are using third-party services to analyze compromised systems—an increase over last year.
Being a trusted security expert who can advise your customers to plan for and respond to an attack helps them to proactively protect their assets, mitigate risk and maintain compliance—without taking time away from their core business.
Finally, if your customers have these six security best practices in place and they suffer data breaches, according to Cisco, their breaches are more likely to stay below $100,000.
- Regularly, formally and strategically review and improve security practices over time.
- Regularly review connection activity on the network to ensure that security measures are working as intended.
- Completely integrate security into organizational goals and business capabilities.
- Routinely and systematically investigate security incidents.
- Fully integrate security technologies so that they work effectively together.
- Keep threat detection and blocking capabilities up to date.
What You Can do Right now
Discuss the issues around ransomware with your customers. Help them build smart incident response plans based on best practices and let them know the value of adding comprehensive threat intelligence.
Download the e-book, How to Develop a Ransomware Solution for Your Customers to begin the ransomware conversation. Or visit techdata.com/security.
About the Author
Julie Wagoner has over 10 years experience in marketing/communications, specifically in social media, content strategy and web. In addition to Tech Data, where she spent 7 ½ years leading the companies social media strategy, Julie worked in social media for the MGM Grand Resort in Las Vegas.