Cyber criminals adjusting their tactics to target data

Examination of law enforcement successes against ransomware agents in recent years reveals a resulting adjustment among cyber criminals.  Despite some important figures of criminal gangs being apprehended, many who remain have learned from the experience and are switching their focus to demanding higher ransoms in place of a wider attack net.  Rather than incur the heat of international law enforcement and major investigations by breaching larger firms, a study from Coveware is now showing some cyber criminals seeking a more surreptitious path.

Essentially, this means they want to turn a profit without bringing much probing attention upon themselves.  In plain numbers, companies with over 50,000 employees saw a reduction in incidents, with hackers choosing to target more mid-sized firms.  Organizations with under a thousand employees experienced 82% of attacks, according to the report.

In Q4 of 2021, the average ransom payment rose by 130% to over $320,000.  During this period, 84% of incidents also saw data stolen from their targets, and that number factors in how many attempts must have been detected and foiled.

These figures offer convincing evidence for 2021 being the most “prolific year on record for data breaches,” as Help Net Security states.  Over 1,500 data security incidents analyzed by the Identity Theft Resource Center revealed a 68% increase in total reported data incidents compared to 2020, 83% of which exposed almost 900 million sensitive data records of over 150 million individuals.  In total, 1,862 incidents were reported by firms across the US, with data stolen including Social Security numbers, personal health information (PHI), bank info and driver’s licenses, as well as credit card details, to name several.

The usual suspects remain in play for attack vectors.  Third-party associates accounted for 25% of breaches in the report, while phishing was right on their tail at 23% in total.  Ransomware, as per our recent reports, continues to rise in use, evidenced by the 17% it occupies.

All organizations are subject to cyber crime, from business services (35% of the total) to healthcare (17%), and everyone needs to protect their valuable data.  NetLib Security’s Encryptionizer solution offers transparent encryption of stored data, providing a critical component of any company’s data security stance.  In the fight against cyber criminals, every measure must be taken to provide powerful protection for sensitive data.  Keeping data encrypted ensures a substantial mitigation of damage for when an intruder gets through.


By: Jonathan Weicher, post on February 10, 2022
Originally published at: https://www.netlibsecurity.com
Copyright: NetLib Security