Trustwave released its 2022 ransomware report, pointing out that just as security researchers continue to develop new methodologies and techniques to keep adversarial groups at bay, ransomware groups continue to do the same.
In a Jan. 5 blog post, Trustwave’s SpiderLabs detailed the activities of the leading ransomware threat groups: LockBit 3.0, Black Basta, Hive and BlackCat/ALPHV.
The researchers said these groups will continue to develop and expand if they continue to have success with their attacks — and they have. SpiderLabs said with an average of 1 out of every 40 organizations being hit by ransomware, it’s clear the industry needs proactive identification of potential threats so they can be mitigated properly before costing an organization millions of dollars.
SpiderLabs said early identification of a threat can be the difference between taking a single host offline for a few hours to remediate or taking an average of 22 days of recovery to bounce back after a ransomware attack, potentially from one of the leading ransomware groups.
Ransomware continues to reward its creators financially and they invest some of those rewards back into making the next version more profitable, said Joseph Carson, chief security scientist and Advisory CISO at Delinea. Carson said while some countries continue to provide safe havens for cybercriminal gangs to operate, ransomware will continue to cause havoc for many organizations around the world.
“Eventually, ransomware will evolve so much it will start to impact the physical world, locking you out of your car, your home and your digital life,” Carson said. “Cybercriminals are also researching ways around the latest security controls and have invested resources and time into social engineering focused on abusing users' trust and targeting cyber fatigue. It’s critical that IT professionals are current with the ransomware trends and techniques as it will help IT professionals identify the best ways to reduce those risks and enhance the security controls for the business they are hired to protect.”
Martijn Loderus, vice president of solutions and delivery at Symmetry Systems, said moving forward, focusing on zero-trust for data will be critical to combatting high-profile ransomware incidents and security issues resulting from the hybrid or completely remote workforces.
“In the coming year, we can anticipate that organizations will continue to seek cybersecurity measures that harden their defenses against future threats,” Loderus said. “The recent escalation in ransomware attacks and data leaks over the past couple years has forced business leaders to expect that involvement in a breach is high."