Security News

According to this year's report, 84% of responding organizations are experiencing a shortfall of skilled IT security personnel. A whopping 83% of responding organizations are experiencing growth in their security budgets, up from 78% last year.

A concerning number of ransomware victims have paid their attackers to retrieve their data or devices, according to CyberEdge Group's annual Cyberthreat Defense Report. The 2022 edition features a survey of 1,200 IT security professionals and found that a whopping 63% of those suffering from ransomware attacks last year ended up compensating the malicious parties responsible for the attacks.

The average ransom demand hit $2.2 million in 2021, a 144 percent rise from the year prior, according to Palo Alto Networks' Unit 42 consultants, while the average ransom payment grew 78 percent to $541,010. The security research and consulting team's latest ransomware report pulls data from cases handled by Unit 42 along with analysis of ransomware gangs' leak sites.

Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service attack targeting an unnamed website that peaked at 2.5 million requests per second. "While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting with time and with each new phase," Nelli Klepfish, security analyst at Imperva, said.

A global survey that looked into the experience of ransomware victims highlights the lack of trustworthiness of ransomware actors, as in most cases of paying the ransom, the extortion simply continues. 38% of ransomware attacks threatened to use stolen data to extort customers.

CyberSaint announced the release of a report which identifies which sectors pay the most in ransom, have the propensity to pay and delves into the future of ransomware. Since these sectors provide vital services, organizations are more likely to pay the ransom to protect the stolen data and restore provided services.

80% of critical infrastructure organizations experienced a ransomware attack in the last year, with an equal number reporting that their security budgets have risen since 2020, a Claroty report reveals. The report is based on an independent global survey of 1,100 information technology and operational technology professionals who work in critical infrastructure sectors, exploring how they have dealt with the significant challenges in 2021, their levels of resiliency, and priorities moving forward.

A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. Unlikely most ransomware operations you read about in the news, Sugar does not appear to be targeting corporate networks but rather individual devices, likely belonging to consumers or small businesses.

One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply.

Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Earlier this week, Nordic Choice Hotels group announced its IT systems were hit by a "Computer virus" on Thursday, December 2nd. The incident left the hotel staff without access to the hotel's reservation systems that manage check-in, check-out, payments, and bookings.