Ransomware harm to gov’t businesses will exceed $30b. by next year - Acronis

The cost of failing to protect against malicious attacks extends far beyond financial loss for businesses and lives destroyed in the process.

 EVEN AFTER THE Cyberserve/Atraf disaster, Bennett is more afraid of overregulation than he is of lacking the power to save the private sector from its own occasional cyber laziness or cheapness. (photo credit: KACPER PEMPEL/ILLUSTRATION PHOTO/REUTERS)
EVEN AFTER THE Cyberserve/Atraf disaster, Bennett is more afraid of overregulation than he is of lacking the power to save the private sector from its own occasional cyber laziness or cheapness.
(photo credit: KACPER PEMPEL/ILLUSTRATION PHOTO/REUTERS)

Swiss cyber giant Acronis, which celebrated the success of its year-old R&D center in Israel just three months ago, revealed dire predictions about the state of organizations’ ability to combat ransomware in its mid-year cyberthreats report.

Ransomware continues to pose the No. 1 threat to large and medium-sized businesses as well as government organizations, according to the report. An inability to prevent ransomware attacks costs businesses millions – damages from ransomware are set to exceed $30 billion by 2023.

“Today’s cyberthreats are constantly evolving and evading traditional security measures,” said Candid Wüest, Acronis’s VP of cyber protection research.

“Today’s cyberthreats are constantly evolving and evading traditional security measures.”

Candid Wüest

The cost of failing to protect against malicious attacks extends far beyond financial loss for businesses and lives destroyed in the process. During the polarizing 2020 presidential election in the US, ransomware aimed at manipulating election results took center stage, as nearly a thousand attacks plagued cities, towns and the contractors who ran their voting systems.

Especially as elections approach in Israel and midterm voting looms over the American voters, the ability to prevent ransomware and other cyberattacks attempting to manipulate results should be a top priority for everyone involved in the process.

 The Acronis team on the roof of Publica Herzliya on May 25, 2022. (credit: PR) The Acronis team on the roof of Publica Herzliya on May 25, 2022. (credit: PR)

In addition to the potential for acts of political espionage targeted at influencing election results, governments across the globe actually face straight-up theft attempts.

Ransomware gangs

Conti, a prominent ransomware gang, demanded $10 million in ransom from the Costa Rican government and has published much of the 672 GB of data it stole, Acronis revealed. The same gang also stole 30 GB worth of T-Mobile’s source code, prompting the US State Department to offer up to $15m. for information about the leadership and co-conspirators of Conti.

Lapsus$, another gang, stole 1 TB of data and leaked credentials of more than 70,000 NVIDIA users.

To extract credentials and other sensitive information, cyber criminals use phishing and malicious emails as their preferred infection vectors. Nearly 1% of all emails contain malicious links or files, and more than one-quarter (26.5%) of all emails were delivered to the user’s inbox (not blocked by Microsoft365) and then were removed by Acronis email security.

Further complicating the cybersecurity threat landscape is the proliferation of attacks on non-traditional entry avenues. Attackers have made cryptocurrencies and decentralized finance systems a priority of late. Successful breaches using these various routes have resulted in the loss of billions of dollars and terabytes of exposed data.

Cyberattacks have contributed to a loss of more than $60b. in DeFi currency since 2012, $44b. of which vanished during the last 12 months.

The only way to combat such attacks on governments and businesses, Acronis says, is through a multi-layered solution that combines anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM and backup capabilities–all in one place.

The integration of these various components gives companies a better chance of avoiding cyberattacks, mitigating the damage of successful attacks and retaining data that might have been altered or stolen in the process.

“Organizations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities,” Wüest said. “Cyber criminals are becoming too sophisticated, and the results of attacks too dire to leave it to single-layered approaches and point solutions.”