2021 saw an increase in most types of cyberattacks. The number of ransomware attacks rose by 105% (to 623.3 million attacks) and encrypted threats increased by 167% (to 10.4 million attacks), according to a February 2022 article in TechRepublic, an industry publication for IT professionals. Cybercrime is thriving due to our increasing reliance on technology; the results are proving to be disastrous.
Cyberattacks in 2021
In October 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Advisory on Blackmatter, a Ransom as a Service (RaaS) tool that has been active since July 28, 2021. This RaaS has spread malware to several United States-based organizations, including two US Food and Agriculture Sector organizations. It is suspected to be a rebrand of another RaaS, DarkSide, that was active from September 2020 to May 2021.
Later the same year, the CISA released another Cybersecurity Advisory regarding malicious activity by an advanced persistent threat (APT) group associated with the Iranian government. The APT actors are targeting several victims across the US, including the transportation sector, and the healthcare and public health sector. They are also actively targeting multiple Australian organizations. The CISA believes they are trying to gain access by exploiting known vulnerabilities and later use this access for their follow-up operations, like ransomware and encryption.
Tightening the security
These examples demonstrate that as threat actors become more innovative and smarter with their attack techniques, cybersecurity is increasingly important. Following the CISA’s recommendations and strategies is your best preventative first step. Read our e-book The Complete Cyberattack Survival Guide for Microsoft 365 using the CISA’s Recommendations to learn more them and how ManageEngine can help you implement them.