Research by California-based IT security specialist Barracuda has revealed that financial firms have seen ransomware attacks this year rise to a level as much as three times higher than they were 12 months previously. The increase in working-from-home is one key reason for the increase, Barracuda says in a research report.
The research also noted a rise in the number of attacks on IT and business service providers. These attacks are especially dangerous as they can offer unique access to clients’ systems, and outages can have dramatic knock-on effects across a number of clients.
Based on data gathered on its clients via its security operations centre, Barracuda detected a peak of 1.2 million attempts for the month of June. The key channels of attack were through the use of phishing links and gaining access to less secure VPNs, a method which has gained in popularity as a result of remote working, according to Barracuda. Although firms have had time to improve their authentication methods since the start of the Covid pandemic, it remains to be seen if the upward trend will continue.
“As ransomware and other cyberthreats continue to evolve, the need for adequate security solutions has never been greater,” said Fleming Shi, CTO at Barracuda. “Sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats.”
Of the 106 highly-publicised ransomware attacks since August 2021, the financial sector accounted for 6% of attacks, while attacks on service provides accounted for a further 6%.The most targeted industries were education (15%), municipalities (12%) and healthcare (12%). Attacks on critical infrastructure, such as energy and water companies, saw the highest relative increase in the same period.
The Barracuda report underlines that most successful attacks are not publicly disclosed. However, what has been disclosed suggests that fewer victims paid ransoms, which the report suggests is likely the result of improved defences.