Allianz Global Corporate & Specialty (AGCS) notes that cybercrime increased by 125% in the first half of 2021 compared to the previous year. The biggest gainers are ransomware attacks and extortion. This is what the insurance company says in a report about the biggest risks that companies run in the field of cybersecurity in 2021.
Ransomware attacks have increased by 62%. It is estimated that these attacks cost around $20 billion. Cybersecurity Ventures predicts that costs will reach $265 billion by 2031.
“The number of ransomware attacks may actually increase before it gets better,” said Scott Sayce, Global Head of Cyber at AGCS. He adds that not every attack is targeted. Criminals also shoot hail at companies that are not properly secured. Criminals randomly attack poorly secured organizations in the hope of hacking into valuable systems.
AGCS also identifies four trends, which we explain here.
Ransomware as a service
The world is increasingly digital and working from home has become the norm due to Covid-19. At the same time, many organizations are cutting back on IT, leaving their systems exposed to hacks.
Criminals take advantage of this. “The knowledge threshold to commit these types of attacks is relatively low and ransomware tools are easier to obtain,” said insurance expert Marek Stanislawski. “The use of cryptocurrencies and the relative ease with which gangs evade detection allow criminals to thrive with ransomware.”
This is because hacker groups, such as REvil, operate as companies. They offer ransomware as a service so that in theory anyone can commit an attack without knowing it.
Cybercriminals no longer stick to simple extortion. They encrypt not only data or systems, but also backups with an additional threat to reveal personal data.
In such a case, a company has to deal with two adverse consequences. First of all, the company network is down, which means it can no longer work. Secondly, it runs a high risk of a data breach.
There are criminals who go as far as three-part extortion. To do this, they encrypt the data, steal it and carry out a ‘ Distributed Denial-of-Service ‘ (DDoS) attack. The company can no longer work, runs the risk of a data breach and customers can no longer reach the company.
Supply Chain Attacks
The best-known ransomware attacks of the past year, such as those on VDL/NedCar , are attacks on supply chains. There are two types of attacks: attacks on software to spread malware across a physical system and attacks on digital chains. By installing malware in updated software, companies, such as SolarWinds, inadvertently spread this malware to customers themselves.
Sanislawski thinks this form of ransomware attack is the next big thing. The European Network and Information Security Agency also expects supply chain attacks to quadruple by the end of the year.
Hackers demand more ransom
In 2020, hackers demanded an average of just over $1 million to return data. By mid-2021, that has increased to $ 5.3 million. That’s an increase of 518%.
However, companies do not always pay the full amount. However, the amount of payments has also increased, from an average of 313,000 to 570,000 dollars.
The government advises against paying ransom. After all, it does not guarantee that your data is safe and the damage has already been done.
Catch up on more articles here
Follow us on Twitter here