• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

FutureCISO Security Alert: Application vulnerabilities are fodder to ransomware attacks

FutureCIO Editors by FutureCIO Editors
August 16, 2021
Photo by Mati Mango from Pexels: https://www.pexels.com/photo/numbers-projected-on-face-5952651/

Photo by Mati Mango from Pexels: https://www.pexels.com/photo/numbers-projected-on-face-5952651/

The frequency of ransomware attacks has increased dramatically over the past year, with most of these costly attacks targeting businesses.

In the past 12 months, Barracuda researchers reported a huge 64% uptick in the number of ransomware attacks compared with the previous year, with attacks on corporations, including infrastructure, travel, financial services, and other businesses accounting for more than half of all attacks (57%) between August 2020 and July 2021, a 39% increase since last year.

According to the study, municipalities are the second most attractive target for ransomware hackers (16%), followed closely by education (13%) and healthcare (13%).

And while results show that cybercriminals are still heavily focused on organisations based in the United States (44%), researchers noted that ransomware is a pervasive issue across the globe with 30% of attacks targeting organisations in Europe, the Middle East and Africa (EMEA), 11% targeting Asia-Pacific countries, 10% in South America and 8% in Canada and Mexico.

Modus operandi

Ransomware attacks see cybercriminals using malicious software, delivered as an email attachment or link, to infect the network and lock email, data, and other critical files until a ransom is paid.

These evolving and sophisticated attacks can cripple day-to-day operations, cause chaos, and result in financial losses from downtime, ransom payments, recovery costs, and other unbudgeted and unanticipated expenses.

Barracuda researchers say these attacks are becoming even more deadly as cybercriminals level up their tactics and attack patterns, and with it, their ransom payment demands. Today, the average ransom ask per incident is over US$10 million, with only 18% asking for less, and a huge 30% asking for more than US$30 million per incident.

Attack pattern

The analysis also revealed that many of these attacks are being led by a handful of high-profile ransomware gangs, including REvil, which was responsible for 19% of attacks, and DarkSide (8%).

When it came to evolving attack patterns, researchers found that instead of just relying on malicious links and attachments to deliver ransomware, current attacks see cybercriminals using phishing attacks to steal credentials, before using them to compromise the victim’s web applications, such as web portals or software-as-a-service (SaaS) apps, to introduce ransomware and other malware onto the victim’s system, infecting the network as well other users of the application.

Barracuda also saw a rise in hackers using double extortion schemes, where after stealing sensitive data from their victims, they demand payment in exchange for promising not to publish or sell the data to other criminals. Since criminals cannot be trusted, victims who pay are often contacted several months later and asked for another payment to keep the stolen data secret. Some ransomware criminals will accept payment but sell the data anyway.

Mark Lukie

Barracuda systems engineer manager for Asia-Pacific Mark Lukie commented that ransomware is an issue that is not going away anytime soon, and can affect businesses of all sizes, as attackers often start with small organisations that are connected to the larger targets and then work their way up towards bigger paydays in the future.

To safeguard against attacks, Barracuda urges businesses to do everything they can to prevent credentials loss, like training staff for email security awareness and implementing anti-phishing capabilities in email. The company recommends implementing watertight security solutions to secure web applications; taking a zero-trust approach to secure access and endpoint security, backing up data and enabling a secure data protection solution to recover critical data in the worst-case scenario.

“Prevention is always better than remediation, so making sure that you are doing everything you can to protect against these increasingly sophisticated and costly attacks is the best way you can be confident in saying no to ransomware criminals,” suggested Lukie.

Related:  Patching hampers open-source security efforts
Tags: BarracudahackersransomwareREvil
FutureCIO Editors

FutureCIO Editors

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe