Despite ransomware’s continued prevalence, a decline in the amount of new families/unique variants highlights a potential opportunity to combat the problem.
Helsinki, Finland – June 22, 2022: The ongoing threat posed by ransomware continues to pain organizations. However, new research published byWithSecure™ (formerly known as F-Secure Business) highlights a potential opportunity to disrupt the cyber crime ecosystem that’s exacerbated the problem in recent years.
A new WithSecure™ threat update found that ransomware was the most prevalent threat type identified in 2021, demonstrating its dominance over other attacks faced by organizations. However, the number of new ransomware families and unique variants researchers discovered in 2021 decreased significantly compared to previous years.
There are several theories that could explain this drop. WithSecure™ Chief Technology Officer Christine Bejerasco feels that it likely points to threat actors consolidating their efforts, which creates new opportunities to combat the problem.
“If attackers are in fact consolidating their activities around core competencies, that makes the major ransomware-as-a-service providers crucial links in the supply chains of threat actors. And if we can break these links by neutralizing these significant providers, it could very well disrupt the ecosystem and provide some relief for defenders, at least for a little while,” explained Bejerasco.
Other significant ransomware developments highlighted by the threat update include:
· Ransomware accounted for nearly 17% of identified threats detected in 2021, making it the year’s most prevalent type of threat.
· WannaCry was 2021’s most prevalent ransomware family, followed by three ransomware-as-a-service (RaaS) families: GandCrab, REvil, and Phobos.
· Ransomware continued to impact a variety of industries and used multiple methods to penetrate defenses in 2021, making no organization off-limits to these attacks.
While Bejerasco sees room for optimism based on recent observations, she warns that turning the tide against ransomware gangs is complicated. It requires organizations, industries, and countries to embrace a co-security approach to the problem, which can prove challenging.
“Unlike authorities, threat actors can operate across borders with impunity, which gives them an advantage. Defenders need to focus on outcome-based security practices by first understanding the organizational or business outcomes they want and designing cyber security measures to support those outcomes. From there, organizations can identify risks to those outcomes, what digital assets are exposed to those risks, and the potential cyber threats those assets face,” she said. “Only then can they design a cyber security strategy that the whole organization can rally behind because it protects and supports what they want to achieve.”
More information on outcome-based security is available at https://www.withsecure.com/en/expertise/campaigns/with-or-without.
WithSecure™, formerly F-Secure Business, is cyber security’s reliable partner. IT service providers, MSSPs and businesses – along with the largest financial institutions, manufacturers, and thousands of the world’s most advanced communications and technology providers – trust us for outcome-based cyber security that protects and enables their operations. Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. With more than 30 years of experience in building technology that meets business objectives, we’ve built our portfolio to grow with our partners through flexible commercial models.
WithSecure™ Corporation was founded in 1988, and is listed on NASDAQ OMX Helsinki Ltd.