It might be the start of a new year, however for more than a decade, LookingGlass has been monitoring and identifying cyber threats. We have recorded an increasing number and severity of cyber attacks, as well as documented several ransomware trends government agencies and organizations need to be aware of. The pandemic has increased the attack surface of most organizations, which has increased vulnerabilities and wreaked havoc on business operations. Increased cyber threats are impacting organizational and governmental polices and regulations around sensitive data now more than ever before.

Ransomware Industry Trends

LookingGlass predicts that several industries will remain hot targets for ransomware groups. For instance, the financial sector will remain a main target for cyber criminals due to the potential to exploit financial transactions and personally identifiable information of customers and companies for significant monetary gains.

Education will also remain a vulnerable industry. Educational organizations tend to run outdated software and have distributed IT infrastructures supported by understaffed teams. In addition, research institutions have intellectual property, raw data from research, and other data that can be valuable to nation-state actors and cyber criminals.

In addition to the financial and educational sectors, we expect to see attacks against government organizations remain in the news for 2022. According to the Trend Micro Annual Cybersecurity report, last year government organizations took the biggest share of ransomware attacks — 31,906. Just like the educational sector, government organizations, especially state and local agencies, must often do more with less. Thanks to shifting budget priorities, cybersecurity programs and operations tend to be under-resourced while battling cybersecurity workforce shortages, making them easier targets for ransomware gangs.

Lastly, the healthcare sector will remain a top industry target for 2022. Healthcare organizations have been under intense pressure since the start of the COVID-19 pandemic. In a 2021 survey of nearly 600 health delivery organizations, 42% indicated they had faced two ransomware attacks in the recent past, and 36% attributed those ransomware incidents to a third party. In May 2021, the FBI issued an alert stating that the Conti ransomware group, which had recently taken down Ireland’s Health Service Executive, which had also attacked at least 16 healthcare and first-responder networks in the U.S. the previous year.

Attack Trends

In addition to ransomware gangs and cyber criminals taking advantage of organizations’ growing attack surface and the risks (exposures, risky services, and vulnerabilities) associated with their attack surface, we expect to see more supply chain and ransomware-as-a-service (RaaS) attacks.

Supply chain attacks are attractive to cyber criminals due to the larger potential impact. Instead of attacking a single victim, supply chain attacks can hit multiple victims by leveraging our increasingly technology-connected and dependent business operations. A great example of a supply chain attack is the Kaseya attack – it impacted at least 1,500 of Kaseya’s managed service provider customers. Organizations need to assume that they are or will be breached in the near future. While this may seem like a defeatist outlook, there are actions enterprises can take to improve their cyber defenses. For example, the time between breach and detection is critical. Continuous monitoring and earlier detection of anomalous behavior can make a big difference in the potential impact.

What Else is New in Ransomware?

For more information on the state of ransomware, check out our latest white paper. It provides an overview of ransomware attacks, trends, and insights from the past year, as well as threat actors that LookingGlass has observed from open-source intelligence and dark web research and analysis.

Organizations can use this information to better understand ransomware actors and gangs, victim targets, and trends and new developments. Learn more in our upcoming State of Ransomware white paper – Reserve Your Copy Today!