Ransomware:
Protect your business
against crippling attacks
Ransomware is one of the most pressing cybersecurity threats facing businesses today.
18%
increase
It happens when cybercriminals use malware to encrypt data and hold information hostage until a “ransom” is paid. According to the FBI, these attacks are on the rise and increased 18% between 2022 and 2023.1
As disastrous as these events are, valuable lessons can be learned in their wake:
1,454
destructive ransomware events
In a recent report, The 2024 State of Ransomware,2 the team at Mastercard Cybersecurity took a deep dive into 1,454 destructive ransomware events to understand how businesses, specifically those that work with third-party providers, can better manage cybersecurity risks.
Count of destructive ransomware events by year, tracked by RiskRecon
400
150
100
50
0
2016
2017
2018
2019
2020
2021
2022
2023
200
250
300
350
22
26
15
67
286
334
313
373
Using data spanning from January 2016 to December 2023, Mastercard analysts examined attacks that crippled the delivery of energy and utility services and also:
forced shutdowns of numerous schools and universities
degraded capabilities at hospitals and halted food production
Many of these incidents impacted entire supply chains. Key findings in the report showed:
46%
of all ransomware detonations — the point at which an attack is triggered — happen between Friday and Sunday.
253%
The days surrounding Veterans Day had the highest holiday‐related breach event frequency, running at 253% above average.
35x
Organizations with good cybersecurity hygiene have a 35 times lower frequency of destructive ransomware events.
“Doing cybersecurity well is tough,” the report stated.
“It requires that systems be well-managed, which necessitates good people, processes, and supporting technology. All this starts with strong commitment from the top of the organization, backed by budget and prioritization to make it happen. A transformation like that doesn’t happen easily.”
The first step? Implementing best practices. Here are some to keep top of mind:
Revisit your suppliers’ inherent risk ratings; criminals are targeting every sector
Every vendor and partner is a likely target. Know the ones you are operationally dependent on. Those suppliers that were previously rated as low inherent risk due to lack of data or transaction sensitivity might actually be high or critical when examined through the lens of operational dependency.
Ensure that your operationally important suppliers have 24/7 security operations
Criminals are detonating ransomware seven days a week, with no day of the week having less than 11% of the total events, the data showed. Be certain to have coverage through the weekend, as 46% of all ransomware detonations occur from Friday to Sunday, according to the findings.
Why do criminals favor the weekends? Perhaps because they know that organizations have fewer cybersecurity and IT professionals ready to deploy during the weekend, which gives criminals more space to increase their blast radius.
Do business with organizations that have good cybersecurity hygiene
Organizations with poor security hygiene provide easy entry vectors and are unlikely to have strong internal defenses that reduce the risk of ransomware detonation. On the flip side, organizations that demonstrate very clean hygiene in their externally observable systems, and whose signals don’t offer as many initial entry vectors, are more likely to have strong internal defenses.
Conclusion
Managing cybersecurity threats well can dramatically mitigate your exposure to destructive ransomware events and data losses.
Get your copy of the full report and learn how to increase safeguards for your business.
State of Ransomware 2024
https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
https://www.riskrecon.com/state-of-ransomware-report-2024
Previous
CISO Lessons Learned
Next
The Trust Center
Ransomware: �protect your business
against crippling attacks
Home
Threatcasting
Threatcasting
BIN attacks
BIN attacks
CISO Lessons
CISCO lessons
learned
Ransomware
Ransomware
The Trust Center
The Trust Center
Power of STEM
Power of STEM
Zero Trust
Zero trust
Zero Trust
Threatcasting
BIN Attacks
Ransomware
The Trust Center
Power of STEM
Threatcasting
BIN attacks
CISO Lessons