Ransomware is the number one threat to large and medium-sized businesses — including government, health care and other critical organisations — and global ransomware damages are predicted to reach more than $30 billion by next year, a report by technology and cyber security firm Acronis has shown.
Ransomware is a malware that is designed to deny users or organisations access to their online data and files stored in computers or servers. All data is encrypted and criminals demand payment for the decryption key.
As more businesses adopt hybrid work models and undergo rapid digital transformation to cope with Covid-19 challenges, they are also more exposed to cyber threats, industry experts said.
Leaked or stolen credentials were the cause of almost half of the reported cyber breaches in the first six months of 2022.
“Stolen credentials continue to be a driving force behind breaches, and with these credentials, attackers can easily execute phishing and ransomware campaigns,” the report said.
The Conti and LockBit 2.0 gangs were behind about 58 per cent of all publicly reported ransomware incidents in the January-March period.
The US Department of State is offering up to $15 million for information that helps identify and find the leadership and co-conspirators of the Conti ransomware gang, which illegally amassed about $2.7bn in cryptocurrency in only two years.
“Today’s cyber threats are constantly evolving and evading traditional security measures,” said Candid Wuest, Acronis vice president of cyber protection research.
“Organisations of all sizes need a holistic approach to cyber security that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities. Cyber criminals are becoming too sophisticated and the results of attacks too dire to leave it to single-layered approaches and point solutions,” Mr Wuest said.
The report found that cyber criminals are using phishing campaigns and malicious emails and websites to extract credentials and other sensitive information.
Phishing typically comes in the form of fraudulent emails that aim to obtain personal information, such as credit card details and sensitive data such as usernames and passwords.
About 600 malicious email campaigns made their way across the internet in the first half of 2022, Acronis found.
“Nearly 1 per cent of all emails contain malicious links or file and more than one quarter (26.5 per cent) of all emails were delivered to the user’s inbox [not blocked by Microsoft365],” the report said.
The report revealed that more cyber criminals are focusing on cryptocurrencies and less-secured decentralised finance (DeFi) platforms. By exploiting flaws in smart contracts or stealing recovery phrases and passwords with malware or phishing attempts, hackers have entered into crypto wallets and exchanges, it said.
Cyber attacks have contributed to a loss of more than $60bn in DeFi currency since 2012, and $44bn of that vanished during the past 12 months.
“While the value of most cryptocurrencies dropped dramatically in May and June, it is still and will be a valuable asset to steal for cyber criminals,” the report said.
The cryptocurrency industry is in a so-called crypto winter, or a cool-down in the market that dragged Bitcoin, the world's first and largest cryptocurrency, to crash below its key $20,000 psychological level in June and wiped $2 trillion off the sector’s total market value, sending it below $1tn.
In January, the DeFi protocol Qubit Finance was hit by cyber criminals who stole 206,809 Binance coins from Qubit’s QBridge protocol, worth about $80m at the time.
Earlier this month, about 8,000 digital wallets were drained of more than $5.2m in cryptocurrency including Solana’s sol token blockchain analytics firm Elliptic reported.