Ransomware Damage Skyrockets +935% Since 2021
Group IB presented their alarming findings in the report, Hi-Tech Crime Trends 2021/2022. Cybercriminals continuously improve their methods to access your data. Malicious internal threats can be anyone from corporate espionage to whistleblowers looking to profit from your precious data in databases and your files and documents. More concerning is the advancement of tools, skills, and knowledge to access an organization and leak data. CISOs worldwide discuss challenges in balancing security and productivity with access to files and data. Cybersecurity isn’t an IT issue; it is a company issue.
Don’t Get Complacent. Cybercriminals Aren’t.
Cybercriminal underground has a relatively low barrier for entry. Poor corporate cyber risk management and the fact that tools for conducting attacks against corporate networks are widely available contributed to a record-breaking rise in the number of initial access brokers. In 2019-2020 the group detected only 86 active brokers, meanwhile, that number skyrocketed to 262, with 229 in 2021-2022.
The report found most companies affected are in manufacturing (9% of all companies), education (9%), financial services (9%), healthcare (7%), and commerce (7%) industries. In the review period, the number of sectors exploited by initial access brokers surged from 20 to 35, which indicates that cybercriminals are becoming aware of the variety of potential victims.
What is most concerning is the aggressive nature of cyber criminals. Since less than 30% of all organizations actually pay up, hackers are launching simultaneous strategies to overwhelm organizations to motivate them to pay. These strategies are anything from Distributed Denial of Service (DDoS) attacks to shutting down online businesses to blackmail.
The Rise of Social Engineering: Hacker Meets Naive Insider
Increasingly more sophisticated social engineering attacks are becoming more common against enterprises and SMBs. For the foreseeable future, companies must keep a vigilant pace in learning about tools and strategies to stay ahead of cybercriminals.
Unfortunately for Uber, they were once again added to the long list of companies duped by social engineering. The hacker gained access to the organization’s internal IT systems, documents and data, email dashboard, Slack server, endpoints, Windows domain, and Amazon Web Services console. Internal whistleblowers also downloaded data contained in email, files and documents to use in shining a light on some of the questionable practices at the company.
They aren’t alone. Numerous large and small organizations made the news for similar attacks. Some of them were NFL (2022), EA Games (2021), Shark Tank (2020), Toyota (2019), and many more.
What is Social Engineering?
Social engineering involves manipulating people into giving up sensitive information. Social engineering attacks are either physical breaches of a person gaining access to something or virtual, such as cyber-attacks. Today, attackers are far more advanced than only email links. They use phone calls, social media, impersonation, emotional espionage, blackmail, and intimation to deceive users into divulging sensitive information access. Attackers and accomplices range from your competitors, disgruntled employees or vendors to third-party professional crime rings.
Over-Reliance on MFA and 2 Factor
We believe in best practices to protect your people and company information. The issue with a fortress-only approach via user authentication means that if that system is bypassed, it’s a free for all in your corporate data. It’s like locking your doors and allowing anyone who appears authorized to come in and look around your house, in your drawers and closets. Your treasures are laid out for anyone to slip into their pockets, and you might not even know the theft happened for weeks or years.
Protecting Your “Jewels,” AKA Data Security
Information is your corporate value. Criminals are starting to agree. The price for card numbers and user data is steady; the price for unstructured data on the black market has climbed nearly 20%. Some of the most sought-after text data fetched a whopping $1,000 per entry vs. only $100 a year ago (Group IB). This means your unstructured data and information contained in email, files and documents is also precious.
Sometimes we forget how we work, what we say, and who we say it to is valuable information. Traditionally, the solutions to protecting your data were clanky, cumbersome, complex, and a burden on everyone. Today there are unprecedented data protection solutions for the most prevalent work collaboration tools like Google, Dropbox, and Slack. The new solutions allow for sharing, searching, and collaboration with protected files and documents. Microsoft has many of these tools built into their systems, but public cloud Saas tools are now becoming just as secure with the added functionalities required for modern work.
Luckily, companies are taking notice of recent trends and looking for ways to support their teams. Consider joining them. Do you want your next headline to read, “the Files include 124k+ leaked internal documents that highlight some questionable behavior?” (sorry, Uber).
Cyber Security and Data Security Sources
https://www.group-ib.com/resources/threat-research/2021-reports.html
https://threatpost.com/double-extortion-ransomware-data-leaks/176723/