The Problem with Ransomware Is Getting Worse

Not too long ago, cyberattacks spread computer viruses to target systems and made them unstable. As modern attack tools have developed, though, a new criminal model has appeared. Ransomware harms the targeted systems and extorts money from victims by encrypting their files and taking them hostage.

A recent report by Malwarebytes announced a surge in global ransomware attacks in 2023, according to Bleeping Computer. There were 1,900 attacks in just one year against the United States, Germany, France, and the UK. By 2031, global ransomware attacks will have cost around $265 billion annually.

Large organizations were initially the primary targets of ransomware attacks, but they are no longer the only victims. Small and medium-sized businesses, as well as individuals and schools, are now being targeted more frequently.

Ransomware-as-a-Service (RaaS) models have enabled cybercriminals who lack technical skills to launch attacks. The profits from ransomware attacks have made it a lucrative method for them to earn money. Ransomware groups often base their ransom demands on a percentage of the victim company’s annual revenue — usually 3 percent.

They are investing part of the ransom payments to develop more robust attack tools and invent new attack methods. For example, they are outsourcing initial access through access brokers, exploiting zero-day vulnerabilities, using legitimate penetration testing tools to deliver the payloads, compromising websites, and relying on password-related attacks.

Password-related attacks are a common method for ransomware operators to access targets, including credentials stuffing, brute-force attacks, password spraying, phishing attacks, password guessing, and default password exploitation. The most deployed ransomware variant is LockBit, which focuses on exploiting password-related vulnerabilities.

Ransomware is a persistent cyber threat that continues to evolve. To fight it effectively, organizations need to adopt a layered security model involving robust password policies and deploying various security solutions. As many ransomware attacks begin with a compromised password, blocking the use of over four billion unique compromised passwords helps prevent these types of cyberattacks.