Summarize

Simplifying... Inshort

Tech firms are increasingly falling prey to ransomware attacks due to their vast digital assets and low downtime tolerance, often paying ransoms promptly to resume operations.
A recent report reveals a rise in such attacks, accounting for 30% of engagements this quarter, up from 22% previously.
The main cause is poor security measures, particularly inadequate multi-factor authentication on critical systems, emphasizing the need for stronger cybersecurity.

Was a long read? Making it simpler...

Next Article

Ransomware attacks accounted for nearly 30% of security incidents this quarter

Why tech firms are a soft target for ransomware attacks

By Akash Pandey

Jul 29, 2024

02:13 pm

What's the story

Ransomware and business email compromise attacks (BEC) are increasingly targeting businesses, as revealed by a recent report from Cisco Talos Incident Response. The report reveals that these two types of cyber threats accounted for nearly 60% of all security incidents. Technology firms remain the most vulnerable to these attacks. Despite a slight decrease in BEC incidents in this quarter compared to the last, the report stressed that it is "still a major threat for the second quarter in a row."

Targets

Tech firms seen as goldmines by cybercriminals

Technology firms are the most frequent victims of ransomware and BEC attacks, largely due to their extensive digital assets, critical infrastructure support, and minimal tolerance for downtime. These factors often lead tech firms to pay ransom demands promptly to resume operations. Additionally, these companies are often targeted as gateways into other industries. In the past quarter, tech firms accounted for 24% of engagements, closely followed by healthcare, pharma and retail sectors.

Rising threats

Ransomware attacks have increased in this quarter

According to the report, ransomware attacks accounted for nearly 30% of engagements this quarter, a significant increase from the previous quarter's 22%. The report also highlighted the emergence of new ransomware families, Mallox and Underground Team, indicating an expanding number of threat actors. Black Basta and BlackSuit ransomware operations continue to cause substantial disruption among organizations.

Security flaws

Poor security measures lead to increased ransomware attacks

Cisco Talos Incident Response report identified inadequate multi-factor authentication (MFA) implementations on critical systems, including virtual private networks (VPN), as the primary reason for 80% of ransomware victims. The remaining victims were compromised due to vulnerable or misconfigured systems. The report noted a 46% increase in these security weaknesses from the previous quarter, highlighting the need for improved cybersecurity measures.