The year that was: Ransomware trends that shaped 2020

ransomware attacks

The year 2020 will be remembered for all the wrong reasons. The COVID-19 pandemic started in China and spread wide and fast. By the time February came around, there was panic worldwide. There were strict stay-at-home orders which brought life to a standstill. While most people were trying to navigate this new world and figure out how to protect themselves while  still conducting business, there were others who tried to take advantage of this unprecedented situation.

Cybercriminals quickly upped their ante and stole billions of dollars from unsuspecting victims. According to McAfee, cybercrime could well have cost the world a staggering US$954 billion in 2020!

According to McAfee, cybercrime could well have cost the world a staggering US$954 billion in 2020.

Unparalleled ransomware attacks

A worrisome trend that emerged in 2020 and that will follow us in 2021 is the exponential rise in ransomware attacks. These attacks grew, not just in staggering numbers but also in sophistication. From government to healthcare, educational institutions, and businesses, no one was spared. Hackers exploited the changing work environment as people turned to work remotely, students moved to online classes, and healthcare was stretched to its limits.

Hackers took advantage of the almost non-existent endpoint protection on devices used by remote workers and used that vulnerability as an entry point to breach company systems. Once they were in, they released ransomware payloads, malicious software that blocks access to computer systems. This way, they could block employees from accessing their own data, allowing the attackers to demand huge monies (read ransom) to restore access.

These attackers did not just target large corporations, but also attacked low-hanging fruit, i.e., SMBs. Security experts say that ransomware attacks increased 40% to 199.7 million attacks globally just in the third quarter of the year. While the US was the most targeted country, it was followed closely by India, Sri Lanka, Russia, and Turkey.

Security experts say that ransomware attacks increased 40% to 199.7 million attacks globally just in the third quarter of the year.

Using good old email

Emails continue to be the most common vector cybercriminals use for ransomware infections. A well-drafted legitimate looking email is sent, encouraging people to click on a link or download an attachment.  This is called a phishing attack. Once the user clicks on the link, it drops a malicious payload designed to hijack the user’s computer and the network it is connected to. Interestingly, hackers exploited people’s anxieties by sending them emails about Coronavirus that would naturally compel them to click on such malicious links.

Besides holding information to ransom, cybercriminals were also able to compromise laptops, mobile devices, and networks to steal business-critical data, passwords, confidential customer information, patient data, payment information, bank details, and more during 2020.

Some of the most significant ransomware victims of 2020 include German tech firm Software AG that saw cybercriminals demanding US$20 million  as ransom, French IT service company Sopra Steria, US legal firm Seyfarth Shaw, and cruise line operator Carnival Corporation, among others.

Phishing, insider threats, and more

While ransomware witnessed a stark increase, other data breaches affected businesses as well. Phishing, malware, endpoint security, cloud-jacking, insider threats, and Internet of Things (IoT) malware attacks, all gave leaders of small, medium, and large enterprises sleepless nights.

Key cybersecurity statistics to know

• 43% of cyberattacks target small businesses

• The average cost of a data breach for an SMB is US$3.2 million

• 95% of data breaches are due to human error

• More than 77% of organizations do not have a Cyber Security Incident Response plan

• With no response plan in place, most businesses take an average of six months to detect a data breach

• Cybercrime will cost businesses an astounding US$6 trillion globally by 2021

These alarming numbers tell us that it is more important than ever to safeguard mission-critical data and digital assets. Take proactive steps to protect your data and mitigate security threats with leading-edge technologies such as Parablu’s BluVault, designed to keep your data safe from ransomware while ensuring that your backup copies are available to you at all times. BluVault is powered by BluKrypt an encryption and obfuscation engine, designed to protect data both while in transit and at rest.  

While businesses cannot predict or control a crisis, like in the case of the COVID-19 pandemic, they do have an opportunity to adopt new and better practices to build resilience. To quote Rahm Emanuel, the former Mayor of Chicago, “You never want a serious crisis to go to waste. And what I mean by that is an opportunity to do things that you think you could not do before.”

Get in touch with us today to find out how our award-winning products and solutions can help you enhance cloud security in 2021.