Increase in ransomware attacks targeting organisations during the holiday period
Cybersecurity artificial intelligence firm Darktrace has reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every consecutive year from 2018 to 2020 compared to the monthly average.
The researchers also observed a 70% average increase in attempted ransomware attacks in November and December compared to January and February.
Following a record number of ransomware attacks this year, the company expects the spike to be higher over the 2021 holiday period.
During the nascent 2021 holiday season, Darktrace's AI detected and autonomously stopped an in-progress, early-stage ransomware attack on a U.S. city before any data exfiltration or encryption could occur. The city's security team had the foresight to deploy an AI solution to combat multi-stage ransomware attacks, enabling them to stop the attackers at the earliest stage.
According to the company, ransomware is often falsely considered an encryption problem. This misconception masks and undermines attackers' determination and creativity to initially break into and then move around within an organisation's digital environment first to discover, then steal and encrypt data, it says.
The break-in is often through email, but that quickly evolves to targeting servers where the data lives. Therefore, a combination of email and network security is crucial to stop these attacks.
Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organisation. It autonomously interrupts in-progress attacks at every stage from the initial entry with sophisticated spearphishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, all without business disruption.
"Based on what we've seen in previous years, holidays are consistent target periods for cyber-attackers. Interestingly, the largest rise in attempted ransomware attacks is between Christmas and New Year's when attackers know there will be fewer eyeballs on screens defending against threats," says Justin Fier, director of cyber intelligence and analytics at Darktrace.
"Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office.
Darktrace delivers technology that protects almost 6,000 customers worldwide from advanced threats, including ransomware, and cloud and SaaS attacks. The company's fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it.
Headquartered in Cambridge, UK, the company has more than 1,600 employees and more than 30 offices worldwide. Darktrace was named one of TIME magazine's 'Most Influential Companies' for 2021.