Verizon says the cost of ransomware has doubled in two years

Reports from across the industry this week have revealed that we are living in a golden age… for hackers.

Software developers, kit makers, operators, professional services providers and so-on all promise the last word in cyber defence, but attackers still routinely find a way through.

According to Verizon’s latest Data Breach Investigations Report (DBIR), the median cost per ransomware attack has more than doubled over the last two years to $26,000, with 95 percent of incidents resulting in a financial loss of between $1 and $2.25 million.

In a press release on Tuesday, Verizon said the rise in cost coincides with a “dramatic rise in frequency over the past couple of years, when the number of ransomware attacks was greater than the previous five years combined.”

Similarly, a separate release on Wednesday from Orange Cyberdefense noted that while the number of victims of so-called cyber extortion (Cy-X) attacks declined 8 percent in 2022, it has risen since, reaching the highest volume to date in the first quarter of 2023.

One aspect that every cybersecurity specialist still struggles with is the human element. Tactics like social engineering combined with phishing are still proving extremely effective, with Verizon claiming that there was a human factor involved in 74 percent of the 5,199 data breaches analysed in its report.

“Senior leadership represents a growing cybersecurity threat for many organisations,” noted Chris Novak, managing director of cybersecurity consulting at Verizon Business.

“Not only do they possess an organisation’s most sensitive information, they are often among the least protected, as many organisations make security protocol exceptions for them,” he explained in a statement. “With the growth and increasing sophistication of social engineering, organisations must enhance the protection of their senior leadership now to avoid expensive system intrusions.”

There is a shred of hope though. According to Orange, as a result of high-profile attacks in places like the US, Australia and elsewhere, governments and law enforcement agencies are taking more decisive action. In addition to tracking down and arresting culprits, they are also taking aim at the broader hacking ecosystem.

This includes seizing money, taking down infrastructure, international sanctions, and developing decryptors for victims who have had their data encrypted. Another more recent tactic is called ‘hack back’, and sees the victim track down and gain access to the hacker’s server, wiping any data that was originally stolen from them.

It is only a shred of hope because rather than stopping cyberattacks, according to Orange it is merely encouraging hackers to target potential victims in markets where coordination between enterprises and law enforcement is less developed.

According to Orange, businesses in 96 different countries fell victim to attacks. There were declines in the US and Canada, but increases in Southeast Asia, the Nordics and Latin America.

“We are seeing significant changes and trends in terms of victim distribution across countries and industries and we believe collaboration between the public and private sectors can be improved to demonstrate a united front in combating this type of crime,” said Charl van der Walt, head of security research at Orange Cyberdefense.

However, even when the human element is taken out of the equation, machines are proving to be another effective attack vector.

Lastly, Nokia on Wednesday published a cybersecurity report of its own, which revealed that the number of IoT devices being used to conduct distributed denial-of-service (DDoS) attacks has risen from 200,000 a year ago to more than 1 million.

According to the kit maker’s latest Threat Intelligence Report, infected IoT devices now account for 40 percent of global DDoS traffic. These attacks are being used to disrupt telecoms networks as well as other critical infrastructure and services, Nokia said.

“A single botnet DDoS attack can involve hundreds of thousands of IoT devices, representing a significant threat to networks globally,” said a statement from Hamdy Farid, SVP of business applications at Nokia. “To mitigate the risks, it’s essential that service providers, vendors, and regulators work to develop more robust 5G network security measures, including implementing telco-centric threat detection and response, as well as robust security practices and awareness at all company levels.”

And yet, even as more robust security measures are rolled out, the reports published this week create the overwhelming impression that hackers will still notch up plenty of wins for the foreseeable future.

Get the latest news straight to your inbox. Register for the Telecoms.com newsletter here.