Ransomware to cause 30 bn damage

A report from Acronis predicts that ransomware could cause $30 billion in damages to global organizations by 2023, thereby remaining the top cyber threat to corporates and governments. Nearly half of all reported breaches in the first half of this year involved stolen credentials.

Cyber-attacks have contributed to a loss of more than $60 billion in decentralised finance (DeFi) currency since 2012 and $44 billion of that has vanished during the last 12 months. Ransomware underlines how over-complexity in IT and infrastructure leads to increased attacks.

Nearly half of all reported breaches during the first half of 2022 involved stolen credentials, which enable phishing and ransomware campaigns, according to the report. To extract credentials and other sensitive information, cybercriminals use phishing and malicious emails as their preferred infection vectors.

Nearly one per cent of all emails contain malicious links or files, and more than one-quarter (26.5 per cent) of all emails were delivered to the user's inbox (not blocked by Microsoft365).

“Organisations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities,” experts say.

Ransomware gangs, like Conti and Lapsus$, are inflicting serious damage. The Conti gang demanded $10 million in ransom from the Costa Rican government and has published much of the 672GB of data it stole. Lapsus$ stole 1 TB of data and leaked credentials of over 70,000 Nvidia users. The same gang also stole 30 GB worth of T-Mobile's source code.

“Six hundred malicious email campaigns made their way across the internet in the first half of 2022 and 58 per cent of the emails were phishing attempts. Another 28 per cent of those emails featured malware,” the report noted.

The business world is increasingly distributed, and in Q2, an average of 8.3% of endpoints tried to access malicious URLs.

Dr. Deepak Kumar Sahu, President & CEO, VARINDIA