Already a Record-Breaking Year for Ransomware, 2021 May Just Be Warming Up

18

By- Bill Conner, President and CEO at SonicWall

Bill Conner, President and CEO at SonicWall

We live in a nation preoccupied with the setting of new records. But while many records are newsworthy, not all of this news is good news. Two examples that have recently made headlines: the mid-June heatwave that has shattered temperature records all over the American West, and the unprecedented wave of ransomware attacks currently torching networks … well, just about everywhere.

“Through May, SonicWall recorded 226.3 million ransomware attacks, a 116% year-to-date increase over 2020, indicating cybercriminals’ rapidly evolving and highly profitable attack tactics,” said SonicWall President and CEO Bill Conner. “In fact, May 2021 was victim to the highest number of ransomware attacks we have ever recorded.”

Increases in ransomware attacks were recorded even in countries that had already been struggling with comparatively large amounts of ransomware, such as the U.S. and the U.K., which saw ransomware attacks spike 149% and 69%, respectively.

Since the beginning of the year, it seems that 2020’s perfect storm for cybercrime in general, and ransomware in particular, has only grown in intensity. On the heels of its late 2020 performance, itself record-breaking, Bitcoin continued thundering on into 2021, reaching a new high in each of the first four months of this year.

Around the world, fortunes were being made on cryptocurrency. And ransomware, its barriers to entry lower than ever due to readily available hacking tools and platforms such as Discord, attracted an increasing number of cybercriminals looking for a quick, easy way to obtain the bitcoin that could make their fortunes.

Unfortunately, in this storm, victims are finding that lightning strikes the same place twice with frightening regularity. Companies eager to move past increasingly sophisticated and debilitating ransomware attacks, and often sheltered by high-dollar ransomware insurance policies, too often pay the ransom — only to be targeted again shortly after.

According to ZDNet, roughly eight in 10 organizations that paid ransom demands were subsequently attacked again, with nearly half of these victims saying they believe the second attack was perpetrated by the same criminals as the first.

And these criminals are continuing their shift toward soft targets, including hospitals, utilities, schools and government agencies. In early March, Broward County School District in Fort Lauderdale, Fla., set its own record when it received a $40 million ransom demand — the highest ever for an educational institution.

And in May, the Colonial Pipeline ransomware attack brought one of the nation’s largest fuel transportation networks to a standstill for nearly a week, leading to fuel shortages and panic buying.

“The bombardment of ransomware attacks is forcing organizations into a constant state of defense rather than an offensive stance,” Conner said. “And as the tidal wave of ransomware attacks continues to crush company after company, there is a lot of speculation on how to keep individual organizations safe, but no real consensus on how to move forward when it comes to combating ransomware as a whole.

“Law enforcement agencies and political figures continue to voice opinions that constantly contradict each other on how best to fight adversaries that know no boundaries, do not adhere to international laws and are far from the charitable operators they claim to be,” Conner said. “The volume of targeted attacks on government organizations and enterprises that impact civilians, countries and the global economy will not end without a change in approach.”

But many countries — particularly those that have been hardest hit by ransomware, such as the U.S. and the U.K. — are mobilizing to fight back. With ransomware attacks now elevated to a matter of national security, increased funding for fighting cybercrime and penalties at the national level for countries that harbor ransomware groups could finally begin to turn the tide.

To find out which areas have been most impacted by 2021’s record ransomware — and whether the current flood of ransomware will rise to set new records in June and beyond — stay tuned for the mid-year update to the 2021 SonicWall Cyber Threat Report, coming in July 2021.