ao link
Affino
Search Teiss
My Account
Remember Login
My Account
Remember Login

Press Release | Pressure points: 83% of successful ransomware attacks feature double or triple extortion tactics

Linked InTwitterFacebook

New Venafi research shows that ransomware attackers are regularly exfiltrating data, circumventing ‘restore from backup’ safety measures

 

SALT LAKE CITY – February 23rd, 2022 — Venafi®the inventor and leading provider of machine identity management, today announced the findings of a global survey of IT decision-makers looking into the use of double and triple extortion as part of ransomware attacks. The data reveals that 83% of successful ransomware attacks now include alternative extortion methods, such as using the stolen data to extort customers (38%), exposing data on the dark web (35%), and informing customers that their data has been stolen (32%).

 

Just 17% of successful attacks solely asked for a ransom in return for a decryption key, meaning that many new forms of extortion are now more common than traditional methods. As data is now being exfiltrated, having a back-up of data – while still essential for recovery from an attack – is no longer effective for containing a breach.

 

The data also shows that cybercriminals are following through with these extortions, often even after a ransom has been paid:

  • Almost a fifth (18%) of victims paid the ransom but still had their data exposed on the dark web
  • This is more than the 16% that refused to pay the ransom and had their data exposed
  • Almost one-in-ten companies (8%) refused to pay the ransom, and the attackers tried to extort their customers
  • Over a third (35%) of victims paid the ransom but were still unable to retrieve their data

“Ransomware attacks have become much more dangerous. They have evolved beyond basic security defenses and business continuity techniques like next-gen antivirus and backups,” said Kevin Bocek, vice president of business development and threat intelligence at Venafi. “Organizations are unprepared to defend against ransomware that exfiltrates data, so they pay the ransom, but this only motivates attackers to seek more. The bad news is that attackers are following through on extortion threats, even after the ransom has been paid! This means CISOs are under much more pressure because a successful attack is much more likely to create a full-scale service disruption that affects customers.”

When asked about the evolution of extortion in ransomware attacks, 71% of those polled believe that double and triple extortion has grown in popularity over the last 12 months, and 65% agree that these new threats make it much harder to say no to ransom demands.

 

This is creating problems for the industry. 72% of IT decision-makers agree that ransomware attacks are evolving faster than the security controls needed to protect against them, and 74% agree that ransomware should now be considered a matter of national security. As a result, 76% of companies are planning on spending more in 2022 on ransomware-specific controls due to the threat of double and triple extortion.

Wider than internal measures, two-thirds (67%) of IT decision-makers agree that public reporting of ransomware attacks will help to slow down its growth. A further 77% agree that governments should do more to help private companies to defend themselves from ransomware.

 

“Threat actors are constantly evolving their attacks to make them more potent, and it’s time for the cybersecurity industry to respond in kind,” explained Bocek. “Ransomware often evades detection simply because it runs without a trusted machine identity. Using machine identity management to reduce the use of unsigned scripts, increase code signing and restricting the execution of malicious macros are vital to a well-rounded ransomware protection.”

 

About the research

Conducted by Censuswide, Venafi’s survey evaluated the opinions of 600 IT decision-makers across the UK, Australia, France, Germany, Benelux, and the US.

 

About Venafi

Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

Linked InTwitterFacebook
Affino

23-29 Hendon Lane,
London, N3 1RT

23-29 Hendon Lane, London, N3 1RT

020 8349 4363

© 2023, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543