Ransomware Emerges as Most Destructive Cybersecurity Trend of 2020

Ransomware Emerges as Most Destructive Cybersecurity Trend of 2020

As if the COVID-19 pandemic wasn’t bad enough, the unpredictable events of 2020 created the perfect storm for a huge escalation in ransomware attacks.

Almost overnight, businesses transitioned to a remote workforce introducing unique exposures and vulnerabilities that were quickly exploited by aggressive forms of ransomware. Studies show that in the first two weeks of March there was a five-fold increase in ransomware attacks. By mid-2020 the number of reported global ransomware incidents increased by an astonishing 715% year-over-year. 

This isn’t surprising. Ransomware attacks are a phenomenally successful and profitable business for cyber criminals. The average ransom is $1.1 million, and a quarter of all ransomware victims pay their attackers, further fueling the cycle.

Ransomware Trends eBook

Ransomware attacks have been rising at an alarming rate — with victims ranging from one of the largest fuel suppliers in the United States to Ireland’s Department of Health. Download our ebook to learn more about:

  • The latest tactics used by ransomware groups
  • Bitsight’s analysis of data on hundreds of ransomware events
  • Best practices to protect your organization

Below we look at some of the most significant ransomware attacks for 2020, as well as ways organizations can reduce their risk exposure to these devastating hacks in 2021.

The big ransomware attacks of 2020

One of the most notable ransomware attacks of 2020 involved fitness brand Garmin, whose entire digital infrastructure was disrupted by malicious actors for several days in July. The hack shut down the company’s website, corporate email, call centers, customer applications, and the company’s lesser-known aviation industry services used by aircraft for critical flight planning and mapping tasks. 

The breach was so impactful employing the WastedLocker ransomware strain that Garmin is reported to have paid the $10 million ransom to reclaim control of its operations – a real-world indication that ransomware is most powerful when it disrupts customer operations.

Also in July, hackers were busy infiltrating another target – Blackbaud. A leading cloud services provider and a lucrative, data-rich target for hackers, Blackbaud’s clients include prominent universities, hospitals, and public health institutions. This deliberate supply chain attack resulted in the exfiltration of millions of sensitive student, patient, and donor data records and is thought to be one of the largest breaches in 2020 involving patient health information. Adding to the PR and security nightmare, Blackbaud failed to notify its U.S. and UK clients of the attack for several weeks and could face significant fines for violating the GDPR breach reporting law.

These attacks are just the tip of the iceberg, but they shine a spotlight on the risks organizations face as they digitally transform, increase their reliance on cloud technologies, and become more interconnected with outside networks. This has led to the massive attack surface expansion and fueled a surge in opportunistic ransomware attacks.

Bad actors are continually probing an organization’s digital footprint for a way in. When a weakness or vulnerability is found – such as a misconfigured app in a cloud service or a vulnerable and long forgotten domain address – they take advantage.

Identifying Unique Risks of WFH Remote Office

Work from home-remote office networks are 7.5x more likely to have at least five distinct families of malware. Learn more about the hidden dangers lurking in residential networks.

To prevent ransomware attacks, organizations need visibility into their expanded attack surface

The best way to manage this growing attack surface and reduce the risk of a ransomware attack is through visibility. After all, you can’t secure what you can’t see. Even if you've invested in the latest firewalls and threat intelligence technology, a single unpatched cloud asset or insecure vendor can wreak havoc. As the saying goes, it's not the mountain you climb but the pebble in your shoe.

If you can visualize the common vulnerabilities and exploits in your ecosystem, you can put together a security program that proactively closes security gaps before they are exploited. It could be that you need to adjust your software patching cadence, invest in better cloud firewalls, close any ports that are left unnecessarily open, or do a better job of evaluating and monitoring third parties for cyber risks.

Ransomeware risk mitigation takes on new urgency

In the cybersecurity world, 2020 will be remembered for the SolarWinds Orion hack. But the escalating ransomware threat cannot be ignored. Just imagine the nightmare scenario that would have transpired if the intent of those behind the SolarWinds attack hadn’t cyber espionage, but instead to hold government agencies and large parts of the US economy for ransom. This prospect alone further reinforces the urgency that organizations need to do everything they can to mitigate risk and secure their attack surface.

Attack Surface Analytics Report

Request your free custom report and see how you can start reducing your cyber risk exposure across your digital ecosystem: cloud assets across all geos & subsidiaries; discover shadow IT; security risk findings; and more!