Businesses set to face an onslaught of ransomware attacks over holiday season

ransomware avast
(Image credit: Avast)

In each of the past three years, the number of ransomware attacks increased by almost a third over the holiday season as compared to the monthly average, new data from Darktrace shows.

In its latest report, the AI cybersecurity firm hints that businesses will likely face an onslaught of attacks again this holiday season, especially since 2021 has been a record year in terms of ransomware and other malware infections. Darktrace believes ransomware attacks will spike even higher this holiday season. 

Businesses can expect most of the attacks to occur between Christmas and New Year’s eve, during which period most cybersecurity professionals are on holiday. Ransomware protection is available, notes Justin Fier, Director of Cyber Intelligence and Analytics at Darktrace - it’s just a matter of picking the right weapons for the fight:

“Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office,” he said.

Is ransomware an encryption issue only?

According to Fier, ransomware is often wrongfully described as an encryption problem. In fact, it’s a much wider issue, because the operators need to find a way into the target network and spend some time identifying and exfiltrating valuable data, before proceeding with the encryption and the ransom demand.

A malicious email is usually the first step to a ransomware attack, used by threat actors to phish for login credentials and weasel their way into the network. For this reason, Darktrace concludes, a combination of email and network security is crucial to stopping ransomware attacks.

Ransomware started as a simple idea: encrypt all data on a target network and demand payment in exchange for the decryption key. However, since businesses started deploying cloud backups to mitigate the threat, ransomware has evolved into a multi-step process in many instances: crooks demand payment in exchange for the decryption key, threaten to release stolen data online unless the demands are met, initiate a DDoS attack to apply further pressure, and try to intimidate victims over the phone.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.