According to new data released by Barracuda Networks, instances of ransomware attacks have increased “dramatically” in 2021, with cyber-criminals expanding their targets to focus on critical infrastructure and “deep-rooted” software supply chain attacks.
The attacks, Barracuda noted, are generally conducted by a “handful of high-profile ransomware gangs,” with the groups REvil (19 percent) and DarkSide (8 percent) leading the way.
Of note, Barracuda observed 121 ransomware incidents, marking a 64 percent year-on-year increase. Municipalities, healthcare and education still lead the pack as the most targeted, but attacks on other businesses are “surging.” Strikes against corporations – including infrastructure, travel, financial services and other areas – made up 57 percent of attacks, up 18 percent year on year. Of those, penetration of infrastructure-related businesses accounted for 10 percent.
Top indicators of ill-preparedness include tight budgets, reduced staff and outdated technology, with ransomware payouts proving far more costly in the long run. The average ransom per incident was over $10 million, with 30 percent of attacks demanding more than $30 million in return. Strangely, attackers have even allowed for negotiations, with one high-profile example being JBS lowering its ransomware payment by more than half, to $11 million.
In terms of geographic distribution, top-targeted locations included the U.S. (44 percent); Europe, the Middle East and Africa (30 percent); the Asia Pacific (11 percent); South America (10 percent) and Canada and Mexico (8 percent).
Among Barracuda’s recommendations to thwart ransomware activity are:
- Assuming one will be targeted and determining not to make the payment.
- Doing everything possible to prevent credential loss.
- Securing applications and access.
- Backing up data.
Data was collected over the past 12 months from August 2020 to July 2021.