The average number of ransomware attacks each week increased by 20% in the last two months, 41% in the last six months, and 93% in the last 12 months.
These are among the findings in an updated data snapshot of global ransomware trends near mid-year from Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies.
Other findings include:
* Industry sectors most attacked in the last six months: Education (347% increase), Transportation (186%) and then Retail/Wholesale (162%) and Healthcare (159%).
* Geographies most attacked in the last six months: Latin America (62% increase), Europe (59%) and then Africa (34%).
* CPR cites new tactic of “triple extortion”, where cybercriminals threaten not only their victim, but their victim’s customers or users, as a reason for the surges in ransomware attacks.
Lotem Finkelsteen, head of threat intelligence at Check Point Software, comments: “The ransomware business is booming. We’re seeing global surges in ransomware across every major geography, especially in the last two months. We believe the trend is driven by scores of new entrants into the ransomware business.
“What’s driving the trend are a few things. For one, word has gotten out that the business model behind ransomware is highly successful and lucrative. Headlines around staggering ransom payouts in the millions, such as the Colonial Pipeline initially giving up $4,4-million, are inspiring cybercriminals to rush in and join the ransomware business. And in this business, large sums of money are often distributed amongst only a handful of cyber criminals, enticing money-hungry cybercriminals to examine the ransomware business.
“Second, threat actors have shifted their tactics from stealing data to disrupting critical infrastructure,” he adds. “Attacks on the latter weren’t mainstream, until now. Week after week, from JBS to the Colonial Pipeline, we’re seeing ransomware gangs go after some of the most critical facets of society.
“And third, hackers are increasingly becoming more creative and innovative in their ransomware tactics, introducing methods such as “triple extortion”, where the threat actors not only demand ransom from organisations, but also threaten their customers, users and other third parties. Unfortunately, it’s only going to get worse, as I don’t think we’ve seen the peak for ransomware attacks. The threat actors behind ransomware aren’t just becoming bigger, they’re becoming better at what they do. “