New statistics highlight that poor corporate security and a flourishing ransomware-as-a-service (RaaS) affiliate market are to blame for the continual rise in ransomware attacks. Access to compromised networks is cheap and readily attainable thanks to a rise in the number of initial-access brokers, and RaaS tools can turn a rookie criminal into a full-blown cyber criminal in a short period of time.
Researchers have found startling numbers behind what the report calls an “unholy alliance” between ransomware operators and corporate-access brokers, which analysts say has fuelled a 935% spike in the number of organisations whose stolen data was exposed on a data leak site (DLS). Ransomware groups have increasingly used the tactic known as double extortion, where they not only steal a company’s data but also threaten to publish it to ratchet up the pressure to pay a ransom. The report proves these groups are following through on those threats.
Over the past year, researchers found that the number of active initial-access brokers jumped from 85 to 229, and the number of offers to sell access tripled, from 362 to 1,099. The report states: “Poor corporate cyber-risk management combined with the fact that tools for conducting attacks against corporate networks are widely available both contributed to a record-breaking rise in the number of initial access brokers.”
RaaS affiliate programmes also grew this year. The report found 21 new RaaS affiliate programmes over the past year, and the number of new leak sites more than doubled to 28. Over the first three quarters of 2021, 47% more stolen company data was leaked on ransomware operators’ leak sites than during all of 2020, according to the report. The report also reminds readers that paying the ransom is no guarantee the data won’t be leaked anyway.
Also, the real number of victims is probably larger than detected, the firm found: “Taking into account that cyber criminals release data relating to only about 10% of their victims, the actual number of ransomware attack victims is likely to be dozens more.”
The Conti ransomware gang is the worst offender, leaking data on around 361 targets and accounting for about 16.5% of all the exfiltrated data published on DLSs in 2021. Beyond ransomware, the affiliate market for phishing scams is also on the march: over 70 new programmes appeared over the last year, and scammers stole over £7.5 million in that period alone.
The news highlights the need for businesses to stay aware of the significant threat cyber criminals pose to their future. Phishing awareness training can help inform your employees about what to expect and what to look out for when receiving spam communications. Participants receive real-life examples of phishing activity in their emails, and management is notified if they click through and engage with the scams. This helps highlight which employees need more education on how to deal with cyber threats, which in the end leads to a safer, more secure business.