A new report from Beazley Breach Response (BBR) Services reveals that the number of ransomware attack notifications against clients increased by 131 percent in 2019, as sums demanded by surged along with the counts.

The exponential jump on the severity side saw cybercriminals asking for seven- and even eight- figures sums in some cases.

According to an announcement about the latest Breach Briefing, the two most common forms of attack to deploy ransomware are phishing emails and breaching poorly secured remote desktop protocol (RDP). RDP enables employees to access their work computer desktops or company’s primary server from home with the press of a button.

“Always ensure employees can access their computer using a virtual private network with multifactor authentication,” she said. “It is important to whitelist IP addresses that are allowed to connect via RDP, and make sure that unique credentials for remote access are in place—particularly for third parties.”

Beazley notes that BBR services managed a growing number of ransomware incidents for policyholders that actually resulted from attacks on IT managed service providers and other service companies providing organizations with infrastructure and support services. In some cases, these attacks halted the operations of hundreds of customers downstream from the attacked IT provider.

Keefe noted a troubling evolution in the development of ransomware over the past four years. While earlier ransomware was just used to encrypt a target’s data as leverage for a ransom demand, more recently, attackers have been using ransomware variants in tandem with banking Trojans. “This two-pronged attack leaves organizations not only with the debilitating impact of its critical systems and data being encrypted, but with the added risk of data being accessed or stolen,” she said.

Source: Beazley Group