We’re always looking for good news on the cybersecurity front, and midway through 2022 it seemed there might actually be some. A report from Sonicwall noted that ransomware attacks were down 23% through the first half of the year, a substantial decrease. Was the world actually making some progress in the ongoing struggle?
Upon a closer look, the answer seems to be “no.” First, the main reason for the decline appears to have been the Russia-Ukraine conflict, which left Russian ransomware groups unable to maintain their pace of attacks. And while North America experienced a 42% decrease in ransomware attacks, European incidents spiked by a whopping 63%.
Worse still, it appears that the decline in ransomware has been more than offset by increases in other malware. Specifically, the first half of 2022 saw malware targeting the Internet of Things (IoT) rise by 77%, a sobering reminder that the convenience of connected devices carries a corresponding risk.
Ransomware attacks at major companies always make the headlines, and there were plenty of those in 2022, from Cisco to Nvidia to TransUnion to Rackspace. More disturbingly, the healthcare sector remained in the crosshairs of ransomware gangs because of the lucrative combination of the threat of releasing patient medical information and access to personal information including Social Security numbers.
Rounding out the top three target sectors were government and education. Roughly 45 colleges and universities were breached, and a like number of school districts. On the government front the news was even worse, according to Sophos: 6 out of every 10 organizations were attacked (up from about 33% in 2020), and only 20% of those were successful in stopping the breaches.
Even the San Francisco 49ers were victims, with more than 20,000 season-ticket holders and others having their personal information compromised (who knew the ransomware gangs were Seahawks fans?).
Another trend that grew in the year just ended is an increasingly corporate approach to ransomware deployment. While we might imagine a single hacker in a dark room or a ransomware “gang,” a Microsoft report illustrates that in the age of Ransomware as a Service (RaaS), multi-level processes have become the norm.
The roots of an attack now often begin with operators who develop and maintain the software. The operators in turn hand the program off to affiliates who deploy the RaaS programs and exfiltrate data. Finally, access brokers sell network access to other cybercriminals or gain access themselves. The upshot of all that is an exponential increase in the capacity to deploy ransomware.
So with all of that in the rearview mirror, what lies ahead in 2023 besides more of the same? Security Week predicts that IoT malware will mature to the point of targeting industrial control systems (ICS) through BIOS and firmware infections, an area that seems to have many vulnerabilities to be exploited.
We’ve seen the start of the first true hybrid war, with the cyberattacks that have been a hallmark of the Russia-Ukraine conflict. That trend will continue to gain momentum, as will the use of cyber-mercenary teams.
While artificial intelligence (AI) has provided a boost to cybersecurity, it has the same potential to be abused by the other side. Security Week predicts this for the new year as well. And with all this as a backdrop, it’s no surprise that cyber liability coverage will be both more costly and more difficult to obtain in 2023.
Questions about protecting your business from cyber threats? Contact Hill Tech Solutions.