Photo credits: https://www.malwarebytes.com/
According to a Dark Reading blog post (https://www.darkreading.com), ransomware attacks increased by a staggering 143% between Q1 2022 and Q1 2023, signaling a formidable shift in the global cybersecurity landscape.
A high percentage of these attacks have evolved beyond the traditional playbook of encrypting victims’ data and demanding payment for its release. Instead, threat actors are now focusing on stealing sensitive information and extorting victims through threats of selling or leaking this data to others. Extorting a victim with data exfiltrated from a cloud environment seems easier than relying on encryption alone, because the growing adoption of redundancy through availability zones and cheap cloud storage services makes encrypted data easier to restore.
Consider this scenario: a threat actor obtains detailed documentation of research that cost your company $50 million. They threaten to leak this information to a competitor in another country where labor costs are significantly lower. This would hand your competitor an unfair advantage, allowing them to fast-track product development and beat you to market.
What course of action is available to you under these circumstances?
Legal recourse might not be the best option. Jurisdictional issues could prevent a fair trial, potentially leaving you with an unpalatable choice: pay the ransom or risk even greater losses.
Eliad Kimhy, head of Akamai Security Research’s CORE team, highlights an alarming trend: “The in-house development of zero-day vulnerabilities is particularly concerning.”
An analysis of these attacks reveals a common thread: the use of phishing tactics. While we may not have control over the zero-day vulnerabilities exploited by attackers, we do have control over our response to phishing attempts.
Our focus should be on controlling what we can in order to prevent such attacks and reduce the risk of becoming victims. For example, reducing susceptibility to phishing is a critical step in mitigating the risk of ransomware attacks. By acting on the factors within our control, we can keep our organizations safer in the face of this evolving threat.