Recent ransomware incidents like the Optum and Change Healthcare show that ransomware attacks are causing immense damage. But what about the rate of attacks? Are these increasing?
According to the 2024 Verizon Data Breach Investigations Report, ransomware was a top threat across 92 percent of industries. It also stands that one-third of all breaches involved ransomware or some other extortion technique.
One date in the IT calendar is Anti-Ransomware Day, which occurs on May 12 each year. To mark the 2024 incarnation Digital Journal has heard from leaders from the cybersecurity companies Protegrity and HackerOne.
Herrera explains why IT professionals remain nervous about ransomware: “Protecting data from ransomware threats remains a top concern for CISOs and cybersecurity experts. Ransomware’s impact isn’t a matter of “if” but “when” for organizations, as recent breaches across healthcare, government, and finance sectors have demonstrated.”
As such Herrera recommends that: “Business leaders must prioritize safeguarding sensitive data.”
As to what such a defence looks like, Herrera explains: “Creating a robust defence against ransomware involves leveraging encryption and tokenization, ensuring continuous security and peace of mind that encrypted data stays safe even if compromised. Cybersecurity professionals must regularly evaluate their data protection strategies to ensure they adhere to the strictest security standards in the fight against ransomware.”
In terms of the specific event, Herrera remarks: “This Anti-Ransomware Day, it’s crucial to remember that simply relying on prevention, detection, backup, and recovery isn’t sufficient to defend against ransomware attacks; prioritizing data security is key.”
Mercer focuses on the current ransomware trends: “Ransomware continues to be the most common “end game” cybercriminal scenario, with the number of attacks in March 2024 breaking record. However, while it’s predicted there will be a continued rise of ransomware throughout the year, Q1 has also witnessed a record low of demands being paid, dropping to only 28 percent.”
Why the reverse? According to Mercer: “This decrease could be the result of many things – from a global rise in advanced protective measures to mounting legal pressure, or even due to the fact that cybercriminals repeatedly breach promises once the ransom has been paid.”
Ransomware still remains a threat. One idea mooted by Mercer is: “Oe way to offset the risk of ransomware attacks is to counteract the ransomware incentive model for a vulnerability rewards incentive model. Public bug bounty programs incentivise white hat hackers to highlight gaps in your defences that can be exploited by ransomware gangs. To stop yourself from being hacked, you might need to work with hackers.”