Ransomware in 2022: 2 damning reports
These are reports that will make some noise in the cybersecurity world even if they state things we already knew. Researchers from Barracuda Networks and Microsoft show an increase in attacks. And it’s not just due to software failures.
Huge volume of attacks in the first half of 2022
Barracuda Networks researchers have studied the volume of attacks as well as the types of attacks in the most publicized cases. And it is chilling.
Indeed, in the first 6 months of 2022 alone, the volume of attacks detected due to ransomware reaches the figure of 1.2 million per month.
Moreover, the affected targets are often part of the following sectors of activity: education, municipalities, health, infrastructures of any kind and of course finance. Some sectors are more impacted than others since the level of attacks against municipalities, for example, has remained relatively stable. While the level of attacks against education has doubled and those against health or finance have tripled. A recent case in France is the ransomware attack on the hospital of Corbeil-Essones in the Ile-de-France region, which made a lot of noise.
But what you have to understand about ransomware attacks is that in order to hit big targets, hackers have to go through smaller targets which, once compromised (as it was the case for the South Staffordshire Water) are a gateway to catch a bigger fish.
With this in mind, Barracuda Networks advises security vendors to offer easy and affordable products to help small businesses protect themselves against this threat.
Microsoft says 80% of ransomware attacks are caused by misconfigured servers
For Microsoft, most attacks could be contained simply by reading the default options of installed software. Indeed, many settings are defined by “inheritance” that is to say are default settings, often insufficiently secure, which have never been changed.
And if these softwares can be useful to the organization, it is also necessary to understand that they are as many entry points that can be used by hackers.
Other entry points are misconfigurations of cloud systems, which are increasingly used since the pandemic. And sometimes it’s even user macros that can be exploited to create vulnerabilities in the system.
In conclusion, with a slightly stricter security policy, many organizations could be better protected against basic ransomware attacks.