With ransomware attacks showing no signs of slowing down, the National Cybersecurity Alliance and the PCI Security Standards Council issued a joint warning bulletin Thursday. The bulletin was prompted by feedback from payment industry stakeholders and heightened news coverage of the attacks throughout 2021, says the PCI SSC.
In 2021, ransomware attacks hit 37% of all businesses globally. Of those victims, 32% paid a ransom, costing them an estimated $20 billion, according to the Council.
In a blog post on the subject Thursday, Lance Johnson, executive director of the Council, said: “These cyber threats are real and require immediate action to better protect against these ongoing criminal activities.”
Johnson expanded further on the ransomware threat via an email exchange with Digital Transactions News.
“The PCI SSC hears from stakeholders around the world about the threat of ransomware attacks,” Johnson says by email. “As an industry-leading organization in the world of payments security, we are issuing this bulletin to help educate those who work in payments and security about this present and growing risk. Organizations need to make cybersecurity a top priority as the number of cyber-attacks around the globe is on the rise.”
Ransomware has been a growing problem for several years. But the number of attacks launched in 2021 grew substantially from the previous year. In 2021, ransomware attacks represented 21% of reported data breaches, up from 17% in 2020, according to a report from Risk Based Security Inc. In 2020, the number of ransomware attacks in the United States totaled 65,000, the bulk of which were suffered by small businesses and non-profits, according to the PCI SSC.
Helping fuel the rise of ransomware attacks is the increasing sophistication with which criminals launch them to gain network access. Phishing attacks are often used to pilfer consumer data used on a daily basis, such as user names, passwords, or account numbers. The attacker typically masquerades as a trusted entity.
But that’s just one purpose. Phishing attacks are also used as a way to gain a foothold in a network in preparation for launching a larger attack, such as a ransomware attack. In either case, the most common form of entry into the network is to dupe a victim into opening an email, instant message, or text message that triggers the malware.
Web-site and software vulnerabilities are another big component fueling the rise of ransomware attacks. “Criminals plant ransomware on Web sites and take advantage of software vulnerabilities to launch attacks on visitors using outdated software browsers or browser plugins,” Johnson says.
Best practices to defend against a ransomware attack include:
• Identifying and securing important and valuable data
• Making sure all software applications are up-to-date by installing patches from vendors as they become available
• Monitoring the network for suspicious or unauthorized changes and investigating any such changes
• Regularly backing up data and testing the data recovery
• Educating employees about how to spot potential threats and how to avoid them
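Two of the practices above, monitoring for unauthorized changes and testing data recovery, can be checked in the same way: keep a baseline of file hashes, compare it against the live data and against the backup. The script below is an added illustration written for this article, not code from the PCI SSC or the National Cybersecurity Alliance; the directory layout, file names, the 50% bulk-change threshold and the ransom-note name are all constructed for the demonstration.

```python
"""Baseline, change-monitoring and restore-verification check.

Constructed example: the data set, the .locked extension, the note file name
and the alert threshold are invented for illustration, not drawn from any bulletin.
"""
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files do not load into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root: Path) -> dict:
    """Map each regular file under root (relative path) to its hash."""
    return {str(p.relative_to(root)).replace(os.sep, "/"): hash_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def diff_snapshots(baseline: dict, current: dict):
    """Return sorted lists of (modified, added, removed) relative paths."""
    modified = sorted(k for k in baseline if k in current and baseline[k] != current[k])
    added = sorted(k for k in current if k not in baseline)
    removed = sorted(k for k in baseline if k not in current)
    return modified, added, removed


def mass_change_alert(baseline: dict, current: dict, threshold: float = 0.5) -> bool:
    """Alert when more than `threshold` of the baselined files changed or vanished
    in one interval: ordinary editing touches a few files, bulk encryption touches most."""
    if not baseline:
        return False
    modified, _, removed = diff_snapshots(baseline, current)
    return (len(modified) + len(removed)) / len(baseline) > threshold


def verify_restore(baseline: dict, restored_root: Path):
    """Recovery test: every baselined file must exist in the restore with the same hash.
    Returns (missing, corrupted) relative paths; both empty means the backup is usable."""
    restored = snapshot(restored_root)
    missing = sorted(k for k in baseline if k not in restored)
    corrupted = sorted(k for k in baseline if k in restored and restored[k] != baseline[k])
    return missing, corrupted


def demo() -> dict:
    """End-to-end run on throwaway files; every input here is constructed."""
    with tempfile.TemporaryDirectory() as tmp:
        data = Path(tmp) / "data"
        backup = Path(tmp) / "backup"
        data.mkdir()
        for name in ("a.txt", "b.txt", "c.txt", "d.txt"):
            (data / name).write_text(f"record {name}\n")
        baseline = snapshot(data)
        shutil.copytree(data, backup)  # the scheduled backup, taken while data is healthy

        # Routine edit: one file out of four changes, which stays below the threshold.
        (data / "d.txt").write_text("record d.txt, edited\n")
        routine_alert = mass_change_alert(baseline, snapshot(data))

        # Constructed footprint of bulk encryption: originals gone, unreadable copies
        # under a new extension, plus a note file. No real malware is involved.
        for name in ("a.txt", "b.txt", "c.txt"):
            (data / name).unlink()
            (data / (name + ".locked")).write_bytes(os.urandom(64))
        (data / "README_RESTORE.txt").write_text("constructed note\n")
        current = snapshot(data)
        modified, added, removed = diff_snapshots(baseline, current)
        bulk_alert = mass_change_alert(baseline, current)

        # Recovery test against the intact backup, then against one that rotted silently.
        restore_ok = verify_restore(baseline, backup) == ([], [])
        (backup / "b.txt").write_text("bit rot\n")
        missing, corrupted = verify_restore(baseline, backup)

        return {"routine_alert": routine_alert, "bulk_alert": bulk_alert,
                "modified": modified, "added": added, "removed": removed,
                "restore_ok": restore_ok, "missing": missing, "corrupted": corrupted}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The baseline must be stored somewhere the protected system cannot overwrite (offline or on a separate host), otherwise the same event that changes the files can change the baseline. The same applies to the backup that `verify_restore` checks; the point of the recovery test is that the copy you plan to restore from is compared against a known-good reference, not against itself.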
“The surge in ransomware activity has left many businesses and governments around the world scrambling for answers as they struggle to stay a step ahead of organized cybercriminal gangs,” Johnson says. “Utilizing good payment security practices and protocols can go a long way in guarding against these attacks.”