As posted on the Cybersecurity Insiders website (https://www.cybersecurity-insiders.com), IT security firm NCC Group reports that ransomware attacks worldwide increased by 288% between the first and second quarters of 2021. Almost half of the attacks targeted the United States. The FBI's Internet Crime Complaint Center logged one million grievances between March 2020 and May 2021; it took almost three years to receive the previous million complaints.
Part of the reason for this increase is the growing reliance on digital data has not been matched by increased attention to cybersecurity. Instead of mitigating the risk, a recent survey found 42.5% of companies in all industries would at least consider paying ransom; in construction the percentage was 74%.
Paying ransom should be discouraged as it encourages future attacks. Decryption tools are available. Other mitigation measures:
- Train employees to spot and report phishing emails.
- Back up mission critical data offline, encrypted.
- Network segmentation.
- Vet third parties; hold them to high security standards and limit their access.
- Businesses with sensitive data should use zero trust security.