Details from cyber security firms have confirmed that ransomware payments and extortion attempts from cyber attacks have doubled in 2020, signaling the importance of an information security management system to mitigate online risks.
The numbers come from an InfoSecurity report that quotes a number of heads of tech and cyber security firms who say that cyber criminals are emboldened by the age of remote work and are consistently looking for new avenues to compromise organisations with cyber attacks.
The findings are that ransomware payments and extortion attempts from cyber attacks have doubled in the first six-months of 2020, and are set to become increasingly costly.
Paul Bantick, head of cyber and technology at cyber security firm Beazley has said that “our underwriting, claims and threat intelligence database shows that ransomware attacks are much more sophisticated and severe, thus, it is critical that organisations adopt a layered approach to security and take stringent measures to make it hard for threat actors at every step.”
Beazley cyber security says that there are a number of threats that organisations need to be vigilant of, and prepare for. The problem is being compounded by the fact that ransomware payments and extortion attempts & extortion from cyber attacks has managed to double for the year 2020.
“Ransomware is avoidable but requires regular and thorough training of employees on how to avoid this evolving threat,” Beazley says.
“Organisations should not only try to prevent a ransomware infection, but prepare in case they do get infected, through multiple layers of security, each reducing the risk and probability of ransomware.”
Learn More about an ISO 27001 Information Security Management System
Beazley says that its data says that organisations are increasingly paying ransoms to hackers after a ransomware attack, and this has caused cyber criminals to increase their payment demands after a ransomware attack.
This is strengthened by a quote from Jack Kudale, the founder and CEO of Cowbell Cyber, who says that hackers are increasingly targeting organisations they know are lacking in cyber security policies, information security systems, and often don’t have their data backed up.
Kudale says that “in other words, ransomware attacks are working for the criminals and they can demand higher payment.”
“Businesses have to consider the financial impact of a ransomware attack beyond the ransom payment; business interruption, loss of income and now breach damages such as compromised data,” he continued to explain. “The best outcome for businesses is to have a backup and subscribe to a cyber insurance policy that covers recovery expenses and brings expertise in negotiating a ransom payment if at all needed.”
New Net Technologies’ Global Vice President, Dirk Schrader has told Infosecurity that in the wake of ransomware payments & extortion attempts from cyber attacks managing to double in 2020, hackers are increasingly using an organisation’s reputation as a bargaining chip to enforce a payment from the victim.
“If the victim is a valuable, known brand, serving thousands of customers, the threat to publish the data increases the chances to get what they ask for,” Schrader said. “A prominent example for this approach is the case of the utilities provider in the German city of Ludwigshafen, where the attackers actually published the full data set as the provider refused to pay.”
Cyber risks remain for both small and large scale organisations, as hackers look to exploit a lack of security protocols in smaller businesses and leverage the reputation of a large company in order to demand a ransom payment.
Click Here for your Free ISO 27001 Gap Analysis Checklist
