SonicWall has released their Mid-Year Update: 2021 SonicWall Cyber Threat Report — find out what the experts have to say about it, and what it means for you.
A recent report by SonicWall offers an informed view of the current cybercrime threat landscape in 2021 — and it doesn’t look good. The many statistics and figures in the report paint a grim picture for small businesses and schools.
Do you know what lessons you should be learning from reports like these?
In order to help you understand the key takeaways from the in-depth research in this report, we’ve gathered key insight from our very own cybersecurity expert, Anthony Buonaspina (BSEE, BSCS, CPACC), CEO and Founder, LI Tech Advisors.
“Cybersecurity is similar to warfare,” says Anthony. “We ARE at war with cybercriminals, who always seem to find a weakness and exploit it.”
According to this mid-year report from SonicWall on cyber threats, the increase in cyber-attacks on all fronts is increasing at an alarming rate. Over the first half of 2021, cybersecurity experts logged different attack types at the following rates:
Ransomware is by far the most concerning right now, as the number of attacks has gone up by 150% in comparison to last year. The main reason for this is it’s the most profitable, accounting for over $6 trillion in illicit gains around the world just this year (according to Cybercrime Magazine). As more and more organizations are having to pay the ransom demanded by attackers, the more incentive these cybercriminal groups have to launch these types of profitable attacks.
Just a few years ago, ransomware wasn’t as big of a concern. While high-profile incidents like the WannaCry attack on the NHS were concerning, they were far and few between. If you had a recent backup of your data in place, you could rely on that to replace your data in the event it was encrypted by ransomware.
Since then, however, the way cybercriminals use ransomware has evolved. They have improved their tactics and capabilities, allowing them to do much more damage, and demand much more money. Characteristics of modern ransomware attacks include:
Given the effectiveness of modern ransomware attacks, defensive methods and best practices from just a few years ago are already losing feasibility. According to this SonicWall report “Even if we don’t record a single ransomware attempt in the entire second half (which is irrationally optimistic), 2021 will already go down as the worst year for ransomware SonicWall has ever recorded”.
For the record, however, ransomware attacks will continue at an alarming rate through the remainder of the year. Experts estimate that a ransomware attack will occur every 11 seconds in 2021.
Short answer? Not necessarily.
Ransomware groups are now not just encrypting files — they have also found ways to encrypt backups. That is why some backup solution providers are now offering “air-gapped” or offline backups to protect data from encryption.
However, even with a target organization being able to restore their backups, ransomware groups are now stealing the companies data before encrypting it and holding it hostage until the ransom is paid. They threaten the company with the release of all their sensitive data and intellectual property online, which carries as much of a threat as encryption. Organizations are then forced to pay the ransom in order to preserve the secrecy of their intellectual property and protect their customers' personally identifiable information.
This report also sheds light on the increasing rates of cybercrime in our client base —the educational sector. Studies show that education organizations are being targeted at a much higher rate than many other industries.
According to this SonicWall report “By June, government customers were getting hit with roughly 10 times more ransomware attempts than average”, “but in three out of six months during the first half of 2021, education customers saw even more.”
“Based on our experience, most schools are soft targets for cybercriminals since they usually don’t invest enough into the level of security needed to protect their environment,” says Anthony. “The best protection against an attack is taking proactive measures.”
“It’s a game of measures and countermeasures. For every weakness that a cybercriminal finds, we need to counter it with additional security,” says Anthony. “But, as they say, ‘The Street Always Seems to Find A Way’.”
That’s why you need to remain committed to developing and improving your cybersecurity defense. Here is a list of tips for small businesses and schools to help protect themselves against ransomware cybercrimes and quickly recover if attacked:
The cyber threat landscape has continued to evolve and attacks are growing in number and sophistication. On the Internet, all organizations look alike and, big or small — they are as likely to be targeted as not.
It is no longer a random game of chance played by hackers looking to cash in on a few bucks here and there. Cybercrime is big business, with hackers operating with impunity in foreign countries who are more than likely supporting their activities, building an industry that generated massive revenue over the past year.
In summary, there will never be a way to be 100% protected from an attack, or worse, an actual breach. However, by implementing the proper security measures, training, and constant re-evaluation of these security measures, the risk of being infected with ransomware can be dramatically reduced.
Get in touch with the LI Tech Advisors team to discover more about developing a modern ransomware defense.
Anthony has been in the MSP business since before the acronym existed. Managed IT once started as break-fix solutions and some light phone support.
Since then, he has seen the industry flourish into a landscape of platforms, cloud servers, software tools and AI . Tailoring network configurations and software stacks to the specific needs of each business.
In his current role, he focuses on proactive planning, ensuring clients can avoid potential issues altogether. This involves meticulous planning for enhanced business continuity, allowing swift resolution of any unforeseen challenges. What initially began as addressing "fires" through break-fix solutions has evolved into a proactive approach, ensuring that such issues are prevented from arising in the first place.