October 26, 2022

According to the IAPP, ransomware losses worldwide will exceed $30 billion in 2023, and system breaches will be the main cause of data breaches.

Malware and shell access to a device are two examples of attacks proposed for data breaches in the coming year and beyond, but ransomware appears to be the primary method, with ransomware attackers using three new tricks.

The first is data leak and double extortion, which is how ransomware groups demand ransoms for the decryption of critical data and the prevention of data leak.

The second component is the Initial Access Broker (IAB), which enables ransomware attack groups to obtain access to legitimate, high-level access data for targeted companies and to begin exfiltrating data in preparation for the double extortion demand.

The third is ransomware-as-a-service (RaaS), which enables malware developers to rent out ransomware and its control infrastructure to other cybercriminals.

Statistics show that almost half of all data breaches in 2022 started with stolen access data. In the first half of 2022, 600 malicious email campaigns were launched, 58% of which were phishing emails and 28% contained malicious software designed to steal credentials.

Furthermore, as reliance on the cloud grows, attackers have increasingly targeted various entry points into cloud-based networks. Cyber criminals are now targeting unpatched or software vulnerabilities in order to extract data, with Linux operating systems and managed service providers (MSPs) and their networks of SMB customers being increasingly affected recently. Another method is “non-traditional entry avenues” like cryptocurrencies and decentralized finance (DeFi) systems.

The sources for this piece include an article in CPOMagazine.