FBM230 P0926GU With the acceleration of industrial digitization, enterprises are facing new challenges of network security

With the acceleration of industrial digitization, enterprises are facing new challenges of network security.

The 2023 Ransomware Threat Report has been released by Petophnet, a global overview of extortion attacks based on nearly 1,000 investigations over the past 18 months. Ransomware attack is a popular mode of network attack in recent years, which refers to the network attack for the purpose of ransom. Usually, the attacker will steal and encrypt data to blackmail the victim enterprise to pay ransom, so as to obtain the decryption password or restore the normal operation of the system.

The massive global outbreak of WannaCry in May 2017 was a ransomware attack. The virus encrypts the documents after it reaches the target computer and can only be decrypted by paying bitcoin. WannaCry is a combination of ransomware, a worm, and Eternal Blue. In a matter of days, WannaCry infected more than 200,000 victims in 150 countries, many of them large corporations and businesses, including the U.K. ‘s National Health Service, Spain’s telecom giant Telefonica and FedEx.

FBM230 P0926GU

FBM230 P0926GU

FBM230 P0926GU

Hackers launch extortion attacks mainly for financial gain. According to the report, the highest ransom paid by victims in 1,000 cases was $7 million. It is worth noting that there is a huge difference between the amount of ransom demanded by hackers and the amount actually paid by enterprises. The median amount of the former is $650,000, while that of the latter is only $350,000, a 46% difference, indicating that hacker organizations involved in extortion attacks are eager to get ransom, and there is room for negotiation.

Ransomware groups will use a variety of extortion methods to increase the intensity of attacks, forcing the victim companies under pressure to pay ransom quickly. Common methods include encryption, data theft, and distributed blocking. Recent trends suggest that hackers will also use a combination of ransomware and data breaches to increase the level of threats against victims, such as the threat to publish stolen material on the dark web or rivals to increase pressure on victims to pay the ransom, the report said. By the end of 2022, nearly 70 percent of ransomware groups were using this tactic, a 30 percent increase from the previous year.

Dong Chuntao, pre-sales general manager of Petuo Networks Greater China, told Jiemian News that attackers often post corporate data online, with an average of seven ransomware victims’ data appearing on these websites every day, equivalent to one more every four hours. In addition, the nature of the businesses targeted by the ransomware, including these entities, is also changing. Hackers used to focus on enterprises, but more recently, hacker groups have targeted vulnerable groups, such as schools and hospitals, indicating that the overall bottom line of attacks is decreasing.