Ransomware attacks have been a major problem for organizations in recent years as more and more malware gangs become adept at extracting money, usually in the form of cryptocurrency, from businesses.
New research from Venafi shows us how ransomware evolves over time to become more sophisticated and, more importantly, more difficult to mitigate.
According to their survey of 600 IT professionals in the US, UK, France and Germany, attacks are increasingly using new threats to deter organizations from complying.
double extortion
The study found that 83% of successful ransomware attacks now include alternative extortion methods to try to extort money from their victims.
This includes 38% of ransomware attacks using stolen data to extort money from customers, 35% threatening to expose data on the dark web, and 32% notifying customers that their data has been stolen, trusting the implicit threat they contain.
It is concerning that 18% of those who paid ransomware lawsuits still had their data exposed on the dark web. Only 8% refused to pay the ransom and suffered the consequences, and 35% of victims who paid were still unable to access their data.
“Ransomware attacks have become much more dangerous. They have evolved beyond basic security defenses and business continuity techniques such as next-generation antivirus and backup,” said Kevin Bocek, vice president of business development and threat intelligence at Venafi.
"Organizations aren't prepared to defend against data-extracting ransomware, so they pay the ransom, but that only motivates attackers to dig for more. The bad news is that attackers keep up with extortion threats, even! after the ransom has been paid!This means CISOs are under much more pressure because a successful attack is much more likely to create a large-scale outage affecting customers.
On the rise
Ransomware has been a threat to businesses for several years, but the rise in value of cryptocurrencies, the primary vehicle through which attackers are paid, appears to have increased this devastating practice.
The study found that nearly three-quarters (72%) of respondents agree that ransomware attacks are evolving faster than the security controls needed to protect against them.
As a result, 76% of organizations said they plan to spend more in 2022 on ransomware-specific controls due to the threat of double or triple extortion.
Such attacks crash internal computer systems and then extort large amounts of money from organizations to return data and control.
A recent example came from the REvil gang, which once dominated the global ransomware scene. However, the risks are clear: REvil has been taken offline by a multinational law enforcement effort.