Held to ransom: the rising ransomware threat (Part 02)

May 04, 2023 || Strategix

We know that ransomware is expensive. We know that it’s sophisticated, determined, well-funded and on an upward evolutionary trajectory. In our first part of this series we looked at the hits ransomware made from 2015 – 2017, now we dig into what happened from 2018 to today, and some of the nasty attacks that have leapt into South African inboxes yelling, ‘SURPRISE!’

Ransom Timeline

In 2018:

According to Statista, the total number of ransomware attacks worldwide in 2018 reached 100,907 for those aimed at consumers, and 444,259 aimed at enterprises.

  • 71% of attacks were aimed at small businesses
  • Colorado Department of Transportation saw more than 2,000 machines shut down after an attack
  • The City of Atlanta was hit, hard and the expected bill for recovery at the time? $17 million.

In 2019:

  • City Power saw its databases, network and applications encrypted – twice.
  • Kaspersky called it the year of attacks on universities
  • The Civil Aviation Authority was hit in July 2019
  • Mimecast detected more than 116,000 attacks in SA in July

In 2020:

  • A US natural gas facility had to shut down its pipeline after an unknown malware infected its systems
  • Ragnar Locker ransomware encrypted Energias de Portugal’s systems and demanded $10.9 million in bitcoin as payment
  • The Life Healthcare Group was attacked in the middle of lockdown and brought admissions, emails and processes to a grinding halt.
  • Tracker was hit by ransomware that encrypted systems and caused disruption.

In 2021:

  • Nama Khoi municipality hit by the Pysa ransomware
  • Debt-IN consultants saw more than 1.4 million personal records released to the dark web after an attack marking a new trend in stealing the data before encrypting it to sell on to the highest bidder.
  • Transnet’s critical systems were affected by the HelloKitty ransomware and there were fears it would spread to SARS and Customs as the systems were linked

Then, in 2022:

While there were significant attacks between 2017 and 2021, it’s easy to see how ransomware has been ramping up in both sophistication and capability over the past eight years. In addition to smart functionality and intelligent threat capabilities, ransomware has evolved to become a service and this has changed the landscape considerably. Over the past year, the attacks that stood out were:

  • Russia hacked Ukraine
  • Oktapus compromised more than 10,000 accounts across 130 companies
  • The FBI released a warning about the ransomware group HIVE
  • The Lapsus$ gang ran rampant through the year, and organisations
  • The attacks got smarter and more virulent

The list is a concern. The conclusion is not – if ransomware can be a service, then protection can be too. And as-a-service protection means backup, restore, data protection and security wrapped into a bundle that delivers, among other things, peace of mind.

Discover data protection as a service with Rubrik. Stay informed. Stay protected.

Recent Posts