Ransomware groups are something of a Phoenix - they live short lives, burn out quickly, but are often reborn and come back stronger and more destructive.
A new IBM Security report claims the average ransomware group “lives” less than two years - 17 months, on average, in fact. This is, in part, due to increasing pressure from governments and law enforcement agencies, which have successfully dismantled some of the biggest threat actors in the ransomware space, in these past couple of years.
However, IBM Security’s data suggests that many of these groups could go into hiatus, rebrand, build entirely new infrastructure from scratch, using all of the previous experience, and than come back stronger and even more destructive.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
Transforming with ease
According to the report, that’s hardly an issue for these groups, as they’ve gathered enough resources from their previous operations to successfully fund any change.
Elsewhere in the report, the researchers are saying ransomware operators were mostly targeting manufacturing organizations. The Covid-19 pandemic has put tremendous pressure on the supply chain, something many threat actors were acutely aware of.
As a result, almost a quarter of all cyberattacks happening globally, were against manufacturers.
What’s more, in Asia, the foundation of many of the world’s supply chains, manufacturing was one of the top-attacked industries.
All of this leads IBM’s researchers to believe that ransomware groups won’t be going anywhere, any time soon, and that the efforts to eliminate them, while commendable, probably won’t suffice. That’s why businesses need to protect themselves, by updating their disaster recovery plans, refreshing their resilience strategies, training their employees to spot phishing and social engineering attacks, and keeping their hardware and software up to date.
Having an antivirus and a firewall will not keep most threat actors at bay, as their attacks against employees have grown frighteningly sophisticated. Deploying a zero-trust strategy and staying vigilant is the best way forward, experts are saying.
- Check out the best malware removal software today
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.