This blog was written by an independent guest blogger.
Cybersecurity specialists have noticed several troubling trends over the past year, ransomware being one of the most concerning. While this is far from a new issue, it’s now more common than ever before. Every month in Q2 2021 set a new record for ransomware attempts, contributing to a 151% year-over-year increase compared to 2020.
Cybercrime has risen in the past year, but ransomware attacks are outpacing other forms. For example, malware fell by 24% in the same timeframe that ransomware more than doubled. Ransomware is driving the surge in overall cybercrime, not the other way around.
This substantial uptick is not the result of a single trend but many combined factors. Here are five of the most significant.
1. Willingness to pay Is rising
One of the strongest drivers of this recent ransomware trend is a higher chance of success. Many businesses today are willing to pay the ransom to get their data back rather than risk losing it in an attempt to reclaim it. A survey from cybersecurity firm Sophos found that 32% of targeted organizations paid the ransom in 2021, compared to 26% in 2020.
This rising willingness to pay encourages cybercriminals to attempt more attacks and demand higher ransoms. Receiving a ransom is the easiest way for these criminals to profit, as selling stolen data takes more steps and likely pays less. As such, it’s unsurprising that more would favor ransomware as these quick, easy paydays become more likely.
2. Cybercriminals have more motivation
The details of this rise in ransomware indicate some of its leading causes. Notably, these attacks didn’t rise evenly across all verticals. While overall ransomware rose by 151% in H1 2021, attacks on government targets rose by 917%, with education and health care attacks increasing 615% and 594%, respectively.
This uneven distribution reflects ransomware’s two largest motivations: politics and money. Rising international tensions have led to more politically motivated attacks, as the skyrocketing trend of government-targeted attacks indicates. Similarly, increased digitization in businesses that handle sensitive data, like education and health care, gives cybercriminals more financial motivation.
3. New vulnerable targets are emerging
The world’s rapid digitization since the COVID-19 pandemic has presented cybercriminals with new targets, as well. Industries and businesses new to digital technologies are less likely to have sufficient cybersecurity, making them easier targets. Similarly, many of these companies handle sensitive data that hackers can now steal and encrypt amid rushed digitization.
Attacks against health care businesses, especially traditionally less-digitized ones, highlight this trend. One ransomware attack affected 110 nursing homes, demanding a $14 million ransom. The facilities, unequipped to address the issue, had to return to pen-and-paper patient records. These businesses are vulnerable and newly susceptible to ransomware, enticing more attacks.
4. Cryptocurrency enables anonymous transactions
One less obvious driver behind this ransomware trend is the growing popularity of cryptocurrency. While crypto transactions leave permanent records, personal information remains anonymous, providing an ideal payment process for criminals. Cybercriminals can demand their ransom in Bitcoin or another cryptocurrency to prevent someone from tracing the transaction back to them.
Active Bitcoin addresses have doubled since the start of 2020, with adoption now outpacing internet user growth. As crypto has become more popular, it’s become easier for people to buy and send it, making ransoms more feasible. With more people using these services, cybercriminals have a better chance at a successful payday.
5. Ransomware-as-a-service is growing
Ransomware is also rising because it’s becoming easier to do. There has been a dramatic rise in ready-made ransomware tools, enabling more people to carry out these attacks. Criminals with little to no technical expertise can now profit off ransomware, thanks to these ransomware-as-a-service programs.
Many cybercriminals found themselves with more free time amid the pandemic. Consequently, some developed these ready-made ransomware packages while others bought and used them. As ransomware continues to see larger payoffs, demand for these tools will rise, leading to even more attacks.
Businesses must protect against ransomware
The sociopolitical, technical, and cultural changes of the past year have created a perfect storm to birth this surging ransomware movement. Businesses must be aware of these factors to understand the gravity of the situation. Failure to recognize the prominence of this threat could result in insufficient security.
Ransomware protection is more critical than ever. In light of this threat, companies must stay abreast of developing cybercrime trends and ensure they have the latest defenses.