Technology Simplified
Hello and welcome to Technology Simplified – Tech Talk Everyone Can Understand Brought to you by IT Voice. The goal of this podcast is to give you actionable information that will help you keep your business network running efficiently, securely, & productively. Through this podcast, we will keep you up to date on the ever-changing technology landscape so you will be equipped to run your business effectively. Each episode will be free of undefined acronyms and over technical jargon. We look forward to helping to keep you informed.
Technology Simplified
Technology Simplified Episode 1 - Ransomware
•
IT Voice
Welcome and thank you for listening to our first episode of Technology Simplified – Tech Talk Everyone Can Understand. In this episode Will Slappey & Scott Curtis discussed current trends in ransomware, how it could affect your business, & some ways to protect yourself and recover in the event of a ransomware attack.
Check out the IT Voice website here:
https://www.itvoice.com/
Follow us on social media:
https://www.facebook.com/itvoicesolutions
https://www.linkedin.com/company/itvoice
https://www.youtube.com/channel/UCjqIcrCfbpSkr6UOTlPBngw
Ransomware trends in 2021 and 2022
•A few key ransomware trends emerged over the course of 2021 and will likely continue into 2022. Attackers realized that certain techniques yield better results and focused on those approaches. Here were some of the primary trends for ransomware in 2021:
•Supply chain attacks. Instead of attacking a single victim, supply chain attacks extended the blast radius. A prime example of a 2021 ransomware attack is the Solar Winds attack, which affected at least 18,000 of customers using their Orion software.
•Double extortion. In the past, ransomware was about attackers encrypting information found on a system and then demanding a ransom in exchange for a decryption key. With double extortion, attackers also exfiltrate the data to a separate location. There, it can be used for other purposes, including leaking the information to a public website if a payment is not received.
•Ransomware as a service (RaaS). Gone are the days when every attacker had to write their own ransomware code and run a unique set of activities. RaaS is a pay-for-use malware. It enables attackers to use a platform that provides the necessary ransomware code and operational infrastructure to launch and maintain a ransomware campaign.
•Attacking unpatched systems. This was not a new trend for 2021, but it is one that continues to be an issue year after year. While there are ransomware attacks that do make use of novel zero-day vulnerabilities, most continue to abuse known vulnerabilities on unpatched systems.
•Phishing. While ransomware attacks can infect organizations in different ways, in 2021, some form of phishing email was more often than not a root cause.
Ransomware statistics for 2021 and 2022
The statistics listed below provide insight into the breadth and growing scale of ransomware threats:
•Ransomware is part of 10% of all breaches. It doubled in frequency in 2021, according to the 2021 "Verizon Data Breach Investigations Report."
•Approximately 37% of global organizations said they were the victim of some form of ransomware attack in 2021, according to IDC's "2021 Ransomware Study."
•The FBI's Internet Crime Complaint Center reported 2,084 ransomware complaints from January to July 31, 2021. This represents a 62% year-over-year increase.
•The Cybersecurity and Infrastructure Security Agency reported in February 2022 that it is aware of ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors.
•Since 2020, there have been more than 130 different ransomware strains detected, according to VirusTotal's "Ransomware in a Global Context" report:
oThe GandCrab ransomware family was the most prevalent at 78.5% of all samples it received, according to VirusTotal.
oNinety-five percent of all the ransomware samples are Windows-based executable files -- or dynamic link libraries -- according
Check out the IT Voice website here:
https://www.itvoice.com/
Follow us on social media:
https://www.facebook.com/itvoicesolutions
https://www.linkedin.com/company/itvoice
https://www.youtube.com/channel/UCjqIcrCfbpSkr6UOTlPBngw
Ransomware trends in 2021 and 2022
•A few key ransomware trends emerged over the course of 2021 and will likely continue into 2022. Attackers realized that certain techniques yield better results and focused on those approaches. Here were some of the primary trends for ransomware in 2021:
•Supply chain attacks. Instead of attacking a single victim, supply chain attacks extended the blast radius. A prime example of a 2021 ransomware attack is the Solar Winds attack, which affected at least 18,000 of customers using their Orion software.
•Double extortion. In the past, ransomware was about attackers encrypting information found on a system and then demanding a ransom in exchange for a decryption key. With double extortion, attackers also exfiltrate the data to a separate location. There, it can be used for other purposes, including leaking the information to a public website if a payment is not received.
•Ransomware as a service (RaaS). Gone are the days when every attacker had to write their own ransomware code and run a unique set of activities. RaaS is a pay-for-use malware. It enables attackers to use a platform that provides the necessary ransomware code and operational infrastructure to launch and maintain a ransomware campaign.
•Attacking unpatched systems. This was not a new trend for 2021, but it is one that continues to be an issue year after year. While there are ransomware attacks that do make use of novel zero-day vulnerabilities, most continue to abuse known vulnerabilities on unpatched systems.
•Phishing. While ransomware attacks can infect organizations in different ways, in 2021, some form of phishing email was more often than not a root cause.
Ransomware statistics for 2021 and 2022
The statistics listed below provide insight into the breadth and growing scale of ransomware threats:
•Ransomware is part of 10% of all breaches. It doubled in frequency in 2021, according to the 2021 "Verizon Data Breach Investigations Report."
•Approximately 37% of global organizations said they were the victim of some form of ransomware attack in 2021, according to IDC's "2021 Ransomware Study."
•The FBI's Internet Crime Complaint Center reported 2,084 ransomware complaints from January to July 31, 2021. This represents a 62% year-over-year increase.
•The Cybersecurity and Infrastructure Security Agency reported in February 2022 that it is aware of ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors.
•Since 2020, there have been more than 130 different ransomware strains detected, according to VirusTotal's "Ransomware in a Global Context" report:
oThe GandCrab ransomware family was the most prevalent at 78.5% of all samples it received, according to VirusTotal.
oNinety-five percent of all the ransomware samples are Windows-based executable files -- or dynamic link libraries -- according
.jpg)