UK Ransomware Attacks Evolve to Target Smaller Businesses Strategically
Rise of Targeted Ransomware Attacks Hits Small Businesses Hard
A shift in tactics among ransomware actors has led to a surge in targeted attacks against small and medium-sized businesses (SMBs), with 88% of breaches involving SMBs compared to just 39% of large enterprises.
Surge in Successful Breaches
The number of successful ransomware compromises increased by 20% last year, despite a decrease in overall incident volume.
Persistence of Outdated “Zombie Tech”
The rise of targeted attacks has been facilitated by the persistence of outdated “zombie tech,” which refers to unpatched or vulnerable devices connected to the internet.
A specific vulnerability in a decade-old Hikvision IP camera was exploited over 67 million times, highlighting the need for organizations to prioritize patching and updating their systems.
Data Exfiltration: New Extortion Tactic
The primary extortion tactic employed by ransomware actors has shifted from file encryption to data exfiltration. This method is cheaper and just as effective for cybercriminals, who can now extract sensitive data without the need for encryption.
The average time to detect an attack remains high, at 181 days, underscoring the importance of improving breach detection capabilities.
Mitigating Threats
Organizations must take proactive steps to mitigate these threats, including addressing their zombie tech vulnerabilities and investing in robust breach detection technologies.
By doing so, they can reduce the risk of falling victim to targeted ransomware attacks and minimize the associated financial losses.