Index Engines 2022 Predictions: 5 Ransomware Predictions


Industry executives and experts share their predictions for 2022.  Read them in this 14th annual VMblog.com series exclusive.

5 Ransomware Predictions for 2022

By Jim McGann, Vice President Marketing & Business Development, Index Engines

In 2021, ransomware was truly brought into the average family's home. Their weekend BBQ and gas station fill-ups were affected by ransomware. Their nightly news brought talk of Russian hackers and numerous FBI alerts warning of advancing cyberattacks.

Well, get ready, because a new year on the calendar is not going to end the disruptions to business operations. The 2021 attacks have been massively successful and profitable, which points to an ugly trend: ransomware is going to get worse before it gets better.

Based on conversations with hundreds of organizations around the world, and studying millions of client cyber security analytics through Index Engines' CyberSense data integrity software, here are 5 unsettling predictions on the path of ransomware in 2022.

1. Cyber criminals will get smarter. We saw cyber criminals slip malicious code into a routine software update in the SolarWinds attack, but that was 2020. Cyber criminals will continue to find new, innovative ways to penetrate the data center and circumvent end-point solutions. Their goal: do as much damage as possible and make it hard and expensive to recover. In October, ZDNet reported a new strain of malware that can encrypt a corporate system in less than three hours. It capitalizes on the new remote work spaces, breaking in through TeamViewer and deploying within 10 minutes.

2. The volume of attacks will continue to increase. JBS Meats, Colonial Pipeline, Air India and CWT Global made massive headlines and drew record-breaking ransoms. Why would cyber criminals stop now? It's a lucrative business and it is attracting more hackers into its criminal enterprise. And now, no hacking skills are required. Angry employees, disgruntled patients and anyone with a grudge can command a cyberattack using Ransomware-as-a-Service such as Conti, which already has over 400 attacks linked to it, according to the FBI. It's truly going to get worse before it gets better.

3. Attack vectors will get more sophisticated. Cyber criminals are deploying more sophisticated attack vectors and corrupting data in new ways. LockFile ransomware was brought to light this past July, doing something unique in the field of ransomware: "intermittent encryption." This method evades many standard detection tools that do not check the integrity inside file content. Other attack vectors also cause significant destruction while avoiding detection. Jigsaw uses encryption combined with progressive deletion, and CrypMIC corrupts files without changing the extension. We will see more attack vectors that corrupt data in sophisticated ways in order to circumvent basic analytics tools.

4. Backups will be targeted. Again, cyber criminals are trying to do as much damage as possible to make organizations as desperate as possible and demand as much money as possible. Disabling, erasing and encrypting backups will hinder any attempts by organizations to recover. Standard data protection leaves organizations' backups vulnerable and cyber criminals know it. Among those is Conti, which anyone with funds can enlist, and which can execute 160 commands including net stop "Veeam Backup Catalog Data Service" /y which, as it sounds, stops Veeam backups. The FBI already warned "Malicious actors have also added tactics, such as encrypting or deleting system backups-making restoration and recovery more difficult or infeasible for impacted organizations." In 2022, relying on backups that have not been analyzed to recover from a ransomware attack is no longer a viable strategy.

5. Organizational down time will increase. Average down time is now 23 days, up by two days in 2021. This will continue to increase, causing considerable disruption to businesses and infrastructure. Forget the ransom, that's only the beginning. Days and weeks of employee work are gone, orders can't be processed, labor is delayed, cattle can't be fed... and if an organization is trading publicly, the damage to their reputation is irreparable.
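
Prediction 3 says intermittent encryption slips past tools that do not look inside file content. As an added illustration (not Index Engines' or CyberSense's code), the Python below compares a whole-file entropy score with per-window scores on constructed data; the 1 KiB window, the 7.2 bits/byte threshold and the one-in-eight corruption pattern are assumptions chosen for the example.

```python
import math
import random
from collections import Counter

WINDOW = 1024        # bytes per analysis window (assumed value)
HIGH_ENTROPY = 7.2   # bits/byte; assumed cut-off for "looks encrypted"

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def high_entropy_windows(data: bytes, window: int = WINDOW,
                         threshold: float = HIGH_ENTROPY) -> list[int]:
    """Indices of fixed-size windows whose entropy exceeds the threshold."""
    flagged = []
    for index, start in enumerate(range(0, len(data), window)):
        chunk = data[start:start + window]
        # Skip a short tail: too few bytes for a stable estimate.
        if len(chunk) == window and shannon_entropy(chunk) > threshold:
            flagged.append(index)
    return flagged

def build_samples() -> tuple[bytes, bytes]:
    """Constructed data: a 64 KiB text file and a partially corrupted copy."""
    sentence = b"Quarterly invoice totals are reconciled against the ledger. "
    clean = (sentence * 1200)[:64 * 1024]
    rng = random.Random(2022)  # fixed seed so the sample is reproducible
    damaged = bytearray(clean)
    # Overwrite 1 KiB out of every 8 KiB with random bytes, standing in for
    # ciphertext left by intermittent encryption (the pattern is an assumption).
    for start in range(0, len(damaged), 8 * WINDOW):
        damaged[start:start + WINDOW] = bytes(
            rng.getrandbits(8) for _ in range(WINDOW))
    return clean, bytes(damaged)

if __name__ == "__main__":
    clean, damaged = build_samples()
    for name, blob in (("clean", clean), ("damaged", damaged)):
        print(name, f"whole-file entropy={shannon_entropy(blob):.2f}",
              "flagged windows:", high_entropy_windows(blob))
```

The damaged copy stays well under a typical whole-file "encrypted" threshold because most of its bytes are still plain text, while the per-window pass isolates exactly the overwritten regions.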

What next?

I would love for my predictions to be wrong here, but would rather you be protected.

Index Engines' CyberSense® is the world's leading analytics engine to detect data corruption due to ransomware. CyberSense operates in backup data, providing full content indexing of files, databases and core infrastructure like Active Directory to monitor how data changes over time, alert organizations to signs of an attack and provide the last good backup.

If you'd like to see how our clients are implementing detection and recovery tools against 2022's ransomware, visit us at https://www.indexengines.com/cybersense

##

ABOUT THE AUTHOR

Jim McGann 

Jim McGann has extensive experience with eDiscovery and Information Management in the Fortune 2000 sector. Before joining Index Engines in 2004, he worked for leading software firms, including Information Builders and the French-based engineering software provider Dassault Systemes.

In recent years he has worked for technology-based start-ups that provided financial services and information management solutions. Prior to Index Engines, Jim was responsible for the business development of Scopeware at Mirror Worlds Technologies, the knowledge management software firm founded by Dr. David Gelernter of Yale University. Jim graduated from Villanova University with a degree in Mechanical Engineering.

He is a frequent writer and speaker on the topics of big data, backup tape remediation, electronic discovery and records management. 

Published Wednesday, November 03, 2021 7:31 AM by David Marshall