The Ransomware Revolution

In recent years, we’ve seen a fundamental shift in how threat actors approach ransomware. Threat actors today are not as interested in taking credit for encrypting files and escaping with stolen funds or valuable data. They’re more focused on destroying backups and exfiltrating data before they can be recovered.

According to Forbes, this significant alteration has increased the scope of cyber attacks, raising ransom payments much higher than prior averages. Forbes emphasises that average ransomware payments have steadily risen over the past five years, from less than $300 in 2015 to $6,700 in 2018 to $111,000 in 2020.

Continue reading to find out more about the ransomware revolution.

The State of Ransomware in 2021

Ransomware was the most common cyber threat to organisations in 2020. It is especially prevalent among finance, e-commerce, and healthcare companies. In addition to the costs of security incidents, ransomware also has a negative impact on victim companies’ production, reputation, and finances.

The reality is that ransomware attacks are on the rise. Cyber criminals are demanding more and more ransom to unlock devices that are infected with ransomware. And CIO’s are experiencing more pressure to have a cybersecurity solution in place. With new strains of ransomware and other malware threats continually being developed, organisation’s citizen or agency data is constantly at risk.

Despite the best efforts to prevent such attacks, human error remains a primary vulnerability. Organisations must ensure that they are data-ready and recovery-ready in order to withstand these attacks. Those who have been able to weather such attacks and come out whole on the other side have demonstrated a strong preparation and readiness for a data breach.

Reducing the risk of cyberattacks requires a multi-layered approach rather than a single product – awareness, education, expertise, and purpose-built solutions all play a key role. Following this approach, Black Kite has recently reinvented the ransomware playbook by identifying the correlation between control items in the Cyber Risk Assessment and Ransomware Entry Methods to provide threat approximations.

The Ransomware Susceptibility Index (RSI)

In order to alert organisations and their third parties to ransomware attacks, Black Kite developed the Ransomware Susceptibility Index (RSI) as an “early warning system” for possible ransomware activity. It is also useful as a metric for customers to understand which of their vendors are susceptible to a ransomware attack.

The RSI follows a process of inspecting, transforming, and modeling data with the goal of discovering the likelihood of a ransomware incident. Black Kite’s data is collected from a variety of OSINT sources such as internet wide scanners, hacker forums, the deep/dark web and more. The data is also curated from sensors in the environment,  including DBdigest, Sophos, Group IB, Coveware.

Join the Revolution

Join our partner, Black Kite’s CSO Bob Maley and Shared Assessment’s Senior Advisor Charlie Miller in an informative webinar on Thursday the 29th April to learn about the revolutionary RSI. The most common attack vectors for ransomware in 2021 will also be discussed. Click here to sign up.

For more information, contact the Elasticito team.