Ransomware attack duration sharply decline

Ransomware attacks had their average duration drop from more than two months in 2019 to only more than three days in 2021, signifying a 94.3% decrease, according to VentureBeat. Such a sharp decline was due to the growing ransomware-as-a-service industry and initial access broker economy, further exacerbated by BazarLoader, IcedID, and other malspam campaigns, a report from IBM X-Force revealed. "The criminal economies that support ransomware have continued to operationalize the business of ransomware and weve seen large increases in efficiency through things like the ransomware-as-a-service model, which has significantly lowered the barrier of entry for criminals to join in on the ransomware business or the rise of the initial access broker economy, which has dramatically increased the number of potential victims," said IBM X-Force Head of Research John Dwyer. The findings should prompt zero trust architecture adoption as well as the reduction of attack pathways, added Dwyer, who also called for increased response preparedness among organizations.