Security News

Shoprite Holdings, Africa's largest supermarket chain that operates almost three thousand stores across twelve countries in the continent, has been hit by a ransomware attack. "Additional security measures to protect against further data loss were implemented by amending authentication processes and fraud prevention and detection strategies to protect customer data," mentions the firm's statement.

The report shows that 99% of those healthcare organizations hit by ransomware got at least some their data back after cybercriminals encrypted it during the attacks. Additional ransomware findings for the healthcare sector Healthcare organizations had the second-highest average ransomware recovery costs with $1.85 million, taking one week on average to recover from an attack.

A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. This new extortion strategy is being conducted by Industrial Spy, a data extortion gang that recently began using ransomware as part of their attacks.

Hackers have targeted poorly secured Elasticsearch databases and replaced 450 indexes with ransom notes asking for $620 to restore contents, amounting to a total demand of $279,000. This campaign is not new, and we have seen similar opportunistic attacks numerous times before, and against other database management systems, too [1, 2, 3]. Restoring the database contents by paying the hackers is an unlikely scenario, as the practical and financial challenge for the attacker to store the data of so many databases is unfeasible.

Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others. Karakurt, the data extortion arm of the Conti ransomware gang and cybercrime syndicate, is focused on stealing data from companies since at least June 2021 and forcing them into paying ransoms under the threat of publishing the information online.

A Veeam report has found that 72% of organizations had partial or complete attacks on their backup repositories, dramatically impacting the ability to recover data without paying the ransom. 76% of organizations admitted to paying the ransom.

Businesses are losing the battle when it comes to defending against ransomware attacks, according to a Veeam report, which found that 72% of organizations had partial or complete attacks on their backup repositories, dramatically impacting the ability to recover data without paying the ransom. Paying the ransom doesn't guarantee data recovery.

The findings of the second edition of the report indicate that the ransomware empire kept its winning streak going with the average ransom demand growing by 45% to reach $247,000 in 2021. In addition to the analysis of more than 700 attacks investigated, the report also examines ransomware DLS. Human-operated ransomware attacks have maintained the global cyber threat landscape lead by solid margins over the last three years.

Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors. Ransomware attacks typically involve stealing data from the company and encrypting systems to pressure the victim into paying to decrypt files and to avoid a data leak.

In Q4, the rate of ransomware claims reached just half of the peak seen in Q1 2021 - decreasing from 0.6% to 0.3%. While the Q3 2021 average ransom paid was atypically high, the entire 2021 ransoms paid by quarter average was ~$167k, 44.2% less than the Q3 figure. The percentage for the last quarter of 2021 held steady in the low twenties, down significantly from figures that once were over 50%. As recently as Q3 2020, the ratio was 44%. This decrease in cost and severity can be partially attributed to underwriting entities requiring stronger backups for insurance coverage, which is helping to drive the broader trend toward more sophisticated and resilient approaches to mitigating ransomware risk.