Ransomware attacks more than doubled last year – these cybersecurity basics can protect you

The number of ransomware attacks has more than doubled over the last year as cyber criminals continue their relentless campaigns to hold networks and data to ransom.

According to an analysis by cybersecurity researchers at SonicWall, the volume of attempted ransomware attacks targeting their customers rose by 105% in 2021, to a total of 623.3 million attempted incidents throughout the year.

The figure also represents more than triple the number of attempted ransomware attacks recorded in 2019.

SEE: Cybersecurity: Let's get tactical (ZDNet special report)

The biggest surge in ransomware attacks came between June and September 2021, a period that featured some of the most significant incidents of last year. These included the Colonial Pipeline ransomware attack, the JBS ransomware attack, and the Kaseya ransomware attack.

Both Colonial and JBS were among the ransomware victims that opted to pay cyber criminals millions of dollars in ransom demands to obtain a decryption key to restore their networks.

Cybersecurity providers and law enforcement agencies recommend against giving in to ransom demands, as it shows criminals that ransomware attacks work. But in some cases, victims perceive it to be the most efficient way of restoring the network – although even with the correct decryption key, this can still take months of effort.

Cyber criminals are also using the extra leverage provided by threatening to leak data stolen from compromised networks if they don't receive a ransom payment.

According to SonicWall's statistics, the United States was by far the largest target for ransomware attacks, but the volume of detected incidents more than doubled in many regions around the world including Europe and Asia.

While action has been taken against some significant ransomware groups, such as the apparent takedown of REvil in January, the SonicWall report warns that this has been "largely ineffective" in stemming the tide of ransomware as a whole.

"Due to the lucrative nature of ransomware, as soon as one group is taken down, new ones rise to fill the void," says the paper.

But despite the continuing scourge of ransomware, according to SolarWinds, there are relatively simple steps that organisations can take to prevent them from falling victim – such as practising better password hygiene and using multi-factor authentication.

SEE: A winning strategy for cybersecurity (ZDNet special report)

Cracking simple passwords is one of the easiest ways for cyber criminals to gain access to accounts and networks, particularly if they're common passwords, or the username and password have previously been leaked in a breach. Using unique passwords on accounts can help prevent unauthorised access.

In addition, applying multi-factor authentication across the network provides an extra barrier of protection against hackers attempting to breach an account.

"The Colonial Pipeline breach could almost certainly have been prevented with the use of two-factor authentication," said the paper.

"While cyber defense has become more sophisticated and specialized over time, in some cases the simplest prevention is still some of the best".

MORE ON CYBERSECURITY

• Ransomware gangs are changing their tactics. That could prove very expensive for some victims
• Ransomware attackers targeted this company. Then defenders discovered something curious
• This company was hit with ransomware, but didn't have to pay up. Here's how they did it
• Ransomware: It's only a matter of time before a smart city falls victim, and we need to take action now
• Crooks are selling access to hacked networks. Ransomware gangs are their biggest customers