Ransomware is one of the most intractable — and common — threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks.
As of September 2020, one in four attacks IBM Security X-Force Incident Response has remediated this year have been caused by ransomware. Ransomware incidents appeared to explode in June 2020. That month saw one-third of all the ransomware attacks IBM Security X-Force has remediated so far this year.
Figure 1: Relative monthly volume of ransomware attacks analyzed by X-Force in 2020 (Source: IBM Security X-Force)
For IBM Security X-Force, the importance of ransomware in 2020 is underscored by the heavy toll this attack type is taking on corporations worldwide. This toll is made heavier by increasing ransom demands and attacks that blend ransomware with data theft and extortion techniques.
Ransom demands are increasing exponentially. In some cases, IBM Security X-Force is seeing ransom demands of more than $40 million.
Sodinokibi ransomware attacks account for one in three ransomware incidents IBM Security X-Force has responded to in 2020 so far.
Attackers are finding schools and universities to be an even more attractive target for ransomware attacks, especially as they begin classes virtually or are experimenting with hybrid environments due to COVID-19.
41% of all ransomware attacks IBM Security X-Force analyzed in 2020 targeted organizations with operational technology (OT) networks.
This post will highlight the ransomware types IBM Security X-Force has observed most frequently. It will also touch on some of the more concerning trends in ransomware attack techniques — such as blended extortion-ransomware attacks — and what companies can do to combat this new onsla ..