Governments, firms may suffer $30b ransomware exposures by next year

By Adeyemi Adepetun

31 August 2022   |   3:41 am

Except urgent measures are deployed, there are indications that governments, firms and other enterprises may suffer $30 billion in ransomware exposure by next year, according to a new report by cyber protection company, Acronis.

 

The report noted that cyber-attacks have contributed to a loss of more than $60 billion in decentralised finance (DeFi) currency since 2012 — $44 billion of that vanished during the last 12 months.

  

Ransomware, which is a type of malicious software designed to block access to a computer system until a sum of money is paid, underlines how over-complexity in IT and infrastructure leads to increased attacks.

  

The Acronis report noted that nearly half of all reported breaches during the first half of 2022 involved stolen credentials, which enable phishing and ransomware campaigns, according to the report.

  

According to it, to extract credentials and other sensitive information, cybercriminals use phishing and malicious emails as their preferred infection vectors.

 

Nearly one per cent of all emails contain malicious links or files, and more than one-quarter (26.5 per cent) of all emails were delivered to the user’s inbox (not blocked by Microsoft365).

 

“Organisations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities,” said Candid Wuest, VP of Cyber Protection Research.

 

The Conti gang demanded $10 million in ransom from the Costa Rican government and has published much of the 672GB of data it stole.

  

Lapsus stole 1TB of data and leaked the credentials of over 70,000 Nvidia users. The same gang also stole 30 GB worth of T-Mobile’s source code.

ALREADY in Nigeria, since the start of 2022, the Nigerian Communications Commission (NCC) has issued at least six cyber-attack warnings.

  

While data consumption, according to NCC, increased from 123,648TB in December 2019 to 205,880.4TB by December 2020, a study by Sophos revealed that 71 per cent of Nigerian organisations were hit by ransomware in 2021 while 44 per cent of those affected firms had to pay ransoms to get their data back.

  

Besides, a Check Point Threat Intelligence report, disclosed that Nigerian businesses experience about 2,308 attacks across all industries sectors weekly.

   

It stated that over a six-month period, 62 per cent of Nigerian businesses fell victim to attacks that allowed cybercriminals to gain remote control of devices and the private data stored on them. It said emails were the most prominent origin point for 60 per cent of cyberattacks.

   

To guard against Nigerians falling prey, the NCC inaugurated the Centre for Computer Security Incident Response (CSIRT), and in the last eight months, about six warnings have been issued.

   

At the inauguration of the centre, the Executive Vice Chairman of NCC, Prof. Umar Danbatta, said that increasing growth in Internet usage, as a result of the pandemic had led to a surge in cyber incidents and criminal activities.

   

He said, “Thus, the commission recognises that with the borderless nature and pervasiveness of these incidents, relentless and concerted attention is required to protect Internet users as well as the Critical National Information Infrastructure and ensure they are resilient.

   

“The CSIRT’s services will commence with four main thrusts, namely: monitoring, incident management, communication, and alert and warning. The devices for handling these four areas will be scaled up and expanded as the centre’s operations grow in order to enhance the digital economy and ensure it yields great dividends to Nigerian citizens.”

   

Identified cyber threats have ranged from those targeted at harvesting sensitive information from mobile devices to those that can hack and steal vehicles.

    

In its recent advisory, the NCC-CSIRT issued a warning to organisations and employees after Yanluowang threat actors gained access to Cisco’s network using an employee’s stolen credential.