![\"\"](\"https:\/\/www.backblaze.com\/blog\/wp-content\/uploads\/2022\/10\/bb-bh-Q3-Ransomware-Takeaways-e1666366549842.png\")
<\/p>\n<\/p>\n
No matter which way war, the global economy, or superstorms are headed, one thing remains constant: ransomware threats continue to persist and evolve. That’s not new information, of course, but understanding the sophistication of emerging attacks is useful for anyone responsible for defending vulnerable infrastructure. Cybercriminals continue to target more industries such as healthcare and education that might not be as well-equipped to defend themselves. New strategies have allowed them to do more damage.<\/p>\n
The landscape continues to change, but staying informed is one of the best ways to protect your organization against the ever-present threat of ransomware. It\u2019s no substitute for comprehensive training for your team and a safely object-locked backup solution<\/a>, but it never hurts to know too much. Here are a few of the biggest stories in ransomware from Q3.<\/p>\n This post is a part of our ongoing series on ransomware. Take a look at our other posts for more information on how businesses can defend themselves against a ransomware attack, and more.<\/p>\n With businesses ramping up their ransomware protection, cybercriminals have begun shifting toward more so-called \u201csoft targets\u201d including hospitals and small municipal governments. This has proven dangerous, as not only do these targets have fewer resources to devote to cybersecurity, but a compromise of their systems can lead to real-world disaster.<\/p>\n Three different hospitals around the country\u2014CHI Memorial Hospital in Tennessee, hospitals in the St. Luke\u2019s system within Texas, and Virginia Mason Franciscan Health in Seattle\u2014were all recently hit with ransomware attacks<\/a>, causing widespread delays in patient care. This has become a sadly common story, as attacks continue on healthcare targets.<\/p>\n Ransomware groups have increasingly been targeting school systems as well. One such group, The Vice Society, were recently the subject of an FBI warning<\/a>, identifying their activity as \u201cdisproportionately targeting the education sector\u201d and that those attacks against school districts \u201cmay increase as the 2022\/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks.”<\/p>\n This past quarter saw several high-profile attacks against larger businesses, including Cisco<\/a>, Uber<\/a>, and Rockstar Games<\/a>, but it also saw signs that the ongoing war between black hat and white hat hackers may be entering a new realm.<\/p>\n In June, LockBit Ransomware was able to infect systems at Entrust<\/a>, giving the ransomware gang access to nearly 300GB of data which they threatened to publish if their demands were not met. Entrust did not pay the ransom, and while the company did not claim credit for it, someone shortly after launched a DDoS attack against the site that LockBit was going to use to publish the data.<\/p>\n In retaliation, the Lockbit ransomware gang began actively recruiting DDoSers to begin executing a \u201ctriple extortion<\/a>\u201d tactic, layering the possibility of a DDoS attack on top of attacks via ransomware. In a post to a popular forum for black hat hackers, LockBit\u2019s public face LockBitSupp wrote, \u201chave felt the power of dudos [DDoS] and how it invigorates and makes life more interesting.\u201d<\/p>\n The Council on Foreign Relations recently released a bombshell report<\/a> titled, \u201cConfronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet\u201d that outlined the extent to which state-sponsored hackers have begun undermining American sovereignty through attacks. This dovetails with recent reports of the information wars between Russia and Ukraine spilling out beyond the battlefield. A report from Wired<\/a> showed how pro-Russia group Killnet has launched cyberattacks against 10 different countries for supporting Ukraine.<\/p>\n This isn\u2019t necessarily new information: the 2020 Homeland Security Threat Assessment<\/a> calls out several nations, including Russia, China, North Korea, and Iran, as likely to employ cybersecurity attacks against the U.S. What is new is that the Senate voted $45 million in support of cybertools<\/a> that are specifically earmarked to protect the U.S. power grid. Some groups\u2014including the U.S. Government Accountability Office\u2014don\u2019t think that we\u2019re doing enough<\/a>. The impact here is that we\u2019re not just talking about ransomware attacks exposing private data; we\u2019ve evaluated as likely, and have started protecting ourselves against, attacks that will functionally shut down basic utilities.<\/p>\n The threat of cybercrime will only continue to expand in coming years. No matter what industry you\u2019re in or what size organization\u2019s infrastructure you have been tasked with protecting, continuous vigilance is crucial.<\/p>\n","protected":false},"excerpt":{"rendered":" Ransomware attacks are on the rise. Read more about recent trends and cyberattacks. <\/p>\n","protected":false},"author":157,"featured_media":107073,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[7,475],"tags":[468],"class_list":["post-107065","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-storage","category-ransomware","tag-b2cloud","entry"],"acf":[],"yoast_head":"\n\n\n
![\"\u2794](\"https:\/\/no-cache.hubspot.com\/cta\/default\/2832298\/907e1e54-cf11-453f-9eee-4b8f02745211.png\")
<\/a><\/span><\/span><\/p>\n1. Threats to \u201cSoft Targets\u201d Are Growing<\/h2>\n
Key Takeaway:<\/strong> No vertical is safe from the threat of ransomware, but the rise of these threats has led to greater protections specifically for soft target sectors. Cybersecurity and Infrastructure Security Agency (CISA) has provided a wealth of tools<\/a> for education, and companies have begun pivoting to create budget-friendly options<\/a> for cash-strapped public sector CIOs.<\/div>\n2. Ransomware Gangs May Now Be Deploying \u201cTriple Extortion\u201d<\/h2>\n
Key Takeaway:<\/strong> Time and time again we see hackers creating new tactics, and simple non-negotiation doesn’t protect your business or solve for operational downtime. We’ve seen that paying ransoms doesn’t stop attacks, and engaging in counterattacks rarely has the desired outcome. Strong defensive strategies, like object lock capability, can’t block cybercriminals from accessing and publishing information, but it does ensure that you have everything you need to bring your business back online as quickly as possible.<\/div>\n3. The Geopolitical Landscape is Impacting Cybercrime<\/h2>\n
Key Takeaway:<\/strong> As the lines blur between malicious hacking and state-sponsored attacks, the sophistication of the threats faced by most businesses and individuals will only grow. New laws and policies may eventually emerge to combat this trend, but until then it will be on you to ensure your infrastructure is safe.<\/div>\nThe Bottom Line<\/h2>\n