2021 has proven to be another record-breaking year for Ransomware attacks, which have increased 288% in the last year. To add to this, the FBI has released a joint statement with CISA, urging organizations not to let down their defenses against ransomware attacks during weekends or holidays, especially with regards to the upcoming Labor Day weekend.
The agencies said they “observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021.”
Though both agencies did not disclose any information regarding potential ransomware attacks within upcoming holidays, they gave examples of recent attacks which occurred on such days – Colonial Pipeline, JBS, and Kaseya.
JBS, the world’s largest beef producer, shelled out $11 Million to the now-defunct REvil Ransomware gang after a Memorial Day hack.
Colonial Pipeline paid $4.4 Million to the Darkside Ransomware gang, in what was possibly the most storied Ransomware incident of the year. The attack occurred on Memorial Day.
On the fourth of July weekend, REvil Ransomware pulled off one of their largest – and final – attacks, striking dozens of Kaseya customers which affected 1500 businesses.
As shared by the two agencies:
- In May 2021, leading into Mother’s Day weekend, malicious cyber actors deployed DarkSide ransomware against the IT network of a U.S.-based critical infrastructure entity in the Energy Sector, resulting in a week-long suspension of operations. After DarkSide actors gained access to the victim’s network, they deployed ransomware to encrypt victim data and—as a secondary form of extortion—exfiltrated the data before threatening to publish it to further pressure victims into paying the ransom demand.
- In May 2021, over the Memorial Day weekend, a critical infrastructure entity in the Food and Agricultural Sector suffered a Sodinokibi/REvil ransomware attack affecting US and Australian meat production facilities, resulting in a complete production stoppage.
- In July 2021, during the Fourth of July holiday weekend, Sodinokibi/REvil ransomware actors attacked a U.S.-based critical infrastructure entity in the IT Sector and implementations of their remote monitoring and management tool, affecting hundreds of organizations—including multiple managed service providers and their customers.
Soaring Ransomware Attacks
Holidays are the least of worries when it comes to Ransomware attacks, which soared by 288% between the first and second quarters of 2021, according to new data from NCC Group.
Analyzing incidents dealt with by its own Research Intelligence and Fusion Team (RIFT) throughout 2021, the firm claimed nearly a quarter (22%) of data leaks in the second quarter came from the Conti group.
Avaddon Ransomware was the runner-up, at 17% of incidents.
Nearly half (49%) of victims were based in the US, which continues to be a hotspot for ransomware attacks. 7% were in France, and 4% in Germany.
Christo Butcher, lead for for threat intelligence at NCC Group, stated that no organization in any sector is safe from ransomware today.
“We’ve seen targets range from IT companies and suppliers to financial institutions and critical national infrastructure providers, with ransomware-as-a-service increasingly being sold by ransomware gangs in a subscription model,” he added.
“It’s therefore crucial for organizations to be proactive about their resilience. This should include proactive remediation of security issues, and operating a least-privilege model, which means that if a user’s account is compromised, the attacker will only be able to access and/or destroy a limited amount of information.”
SaferNet is the perfect solution to the cybersecurity issues that individuals, families, and businesses face today. It not only connects every device using a secure, 24/7 always on, military grade VPN, but it also stops outside cyberthreats, malware and viruses as well. On SaferNet, all users are protected anywhere in the world, all the time, on any cellular or Wi-Fi network. In addition to SaferNet’s VPN and cyber protection, it also offers a range of employee or parental/family internet controls including internet filtering, monitoring, scheduling, and blocking access to websites or even entire website categories
Typically, a business or family would need 3 separate services for a VPN, Malware Protection, and Internet Controls; SaferNet offers all 3 features in one service. SaferNet truly is an endpoint security presence that can be implemented in minutes around the world, on phones, laptops, tablets, and computers at an economical price point that caters to all sizes of businesses and families. SaferNet guarantees a smooth setup and installation process that takes only minutes, and an easily accessible control hub for you to monitor all your employee’s or family members devices; including activity, time spent online, and threats blocked.