24 March 2020IT & claims management analysis

Ransomware attacks up 131% in 2019: Beazley

Ransomware attacks skyrocketed in 2019, according to the latest Beazley Breach Briefing, an annual update on cyber trends produced by Beazley, a cyber insurer.

Beazley’s breach response services team reported a 131 percent increase in the number of ransomware attack notifications against clients in 1019 compared to the previous year. The sums demanded by cybercriminals also increased exponentially, sometimes reaching seven or even eight figures, Beazley added.

Beazley also reported that cyber criminals’ methods of attack are evolving. “The two most common forms of attack to deploy ransomware are phishing emails and breaching poorly secured remote desktop protocol (RDP).” it said. “RDP enables employees to access their work computer desktops or company’s primary server from home with the press of a button, but the convenience also comes with added risks.”

Katherine Keefe, Beazley’s global head of BBR Services, said: “Using RDP can make IT systems more susceptible to attack without the right security measures in place. The coronavirus has forced many more employees to work from home and in this pressured environment it is very important that companies take the right steps to reduce the vulnerability of their IT infrastructure.”

She advised employers to ensure employees can access their computer using a virtual private network with multifactor authentication. “It is important to whitelist IP addresses that are allowed to connect via RDP, and make sure that unique credentials for remote access are in place – particularly for third parties,” she added.

Keefe added: “Early on, ransomware was typically used to encrypt data as leverage for a ransom demand. However, more recently, attackers have been using ransomware variants in tandem with banking Trojans such as Trickbot and Emotet. This two-pronged attack leaves organisations not only with the debilitating impact of its critical systems and data being encrypted, but with the added risk of data being accessed or stolen.”

While attacks are increasingly sophisticated, the steps companies can take to protect themselves are relatively simple, said Keefe. “Organisations need to ensure their IT security measures are a top priority and up-to-date, that they have access to authoritative, experienced risk management advice, and, importantly that employees are trained and alert to the potential threats.”