Depending on the reports you’ve read, there are various messages circulating about the current state of ransomware in 2022: it’s either up or down, and there are numerous nuances that can explain the cause of the trends. How are you supposed to know what to believe or how to react in the best interest of your business?
There are details that every version of the narrative shares:
- Since the dawn of ransomware in 1989, the number of attacks perpetrated by threat actors (intent) on disrupting your business or encrypting and exfiltrating your critical data has never again been zero! Pretending otherwise is a bad decision.
- For those who are victims of ransomware and other forms of malware, the underlying trends, survey results, or blog headlines are irrelevant. The impacts are devastatingly real and have driven businesses to bankruptcy.
- There are steps that individuals and businesses could have taken—and still can take—to reduce the likelihood of being affected by the maliciousness of threat actors.
The current threat landscape, ransomware specifically, is certainly influenced by the ongoing Russian invasion of Ukraine. Threat intelligence indicates that approximately 75% of ransomware attacks originate with Russian-linked threat actors, many of whom are state-sponsored, and associated ransom payments end up in Russian-linked accounts. Since the invasion commenced, a new preoccupation of many threat actors is focused ‘inward’ on localized warfare and not ‘outward’ on various businesses, enterprises, and organizations around the globe.
If this were a stock market focused article, we might say something here like “buy now and hold”. Because this is a cybersecurity focused newsletter, we mean “do not sleep on ransomware attacks declining if the headline indicates as much, and if ransomware is increasing, be sure to get optimally secured now.”
In considering the big picture, there are 4 primary steps you can take to maintain vigilance without regard to the nuances of the threat landscape:
- Secure an Incident Response retainer in case something unfortunate happens—like being actively targeted by threat actors—before you’re able to fully implement the security measures necessary to protect your vital and sensitive data. For MSPs, having an IR team in place can provide you and your clients with peace of mind.
- Assess the current security maturity of your organization. Every business must increase cyber resilience and its ability to defend against the predations of threat actors. Partnering with a cybersecurity company that can complete network vulnerability assessments, penetration testing, and overall security architecture review is necessary to ensure your policies, personnel, and security stack are properly configured to defend against current and future cyber threats.
- Engage with a cybersecurity partner with a fully managed, 24x7x365 solution that includes a Security Operations Center (SOC), endpoint detection and response software with real-time remote remediation capabilities by experienced and engaged engineers. Our ShadowSpear Platform is the right tool for this job: it is a fully integrable security solution powered by our 24x7x365 SOC designed to prevent threat actors from gaining a foothold in your environment.
- Stop reading the headlines. Ransomware operators are relentless in their pursuit of unsecured data they can steal for financial gain. Regardless of what the latest report indicates, the threats are and will continue to be very real.
