Ransomware dominant threat type in Q3 2021 says Kroll

Share
A report from American risk consulting firm, Kroll, has revealed that Ransomware attacks in Q3 2021 more than doubled since Q1 2021, from 20% to 46%

Kroll, provider of services and digital products related to valuation, governance, risk and transparency has announced the results of its inaugural Threat Landscape Report, revealing ransomware as the dominant threat type in Q3 2021.

The report, which will be published quarterly, looks at the evolution of cyber threats, including the most prominent threat incident attack methods, most prominent threat actor groups, most targeted sectors and risks on the horizon.

The report shows that instances of ransomware attacks in Q3 2021 more than doubled since Q1 2021, from 20 per cent to 46 per cent, fuelled by an exponential increase in the initial access broker marketplace. Business email compromise (BEC) incidents fell by four per cent quarter on quarter, accounting for 29 per cent of attacks in Q3 and becoming the second most common dominant threat type. Incidents of unauthorised access and the risk of insider threats also increased, but to a lesser extent than ransomware, accounting for 25 per cent of incidents in the same period.

Ioan Peters, Managing Director and Co-Regional Lead in EMEA for Kroll’s Cyber Risk practice, says: “Ransomware remains a huge threat to organisations of all shapes and sizes. We’ve seen threat actors mobilise and expand their efforts since the beginning of the pandemic, and incidents like the Conti leak only serve to democratise the methods used by cybercriminals to gain access to businesses. An ounce of prevention is worth a pound of cure when it comes to ransomware, so we encourage all businesses to constantly evaluate the security controls they have deployed rather than waiting for an incident to occur.”

Most targeted sectors

The professional services sector remained the most targeted sector overall in Q3, increasing its dominance by nearly four per cent on the previous quarter’s figures to 22 per cent. This is most likely due to attackers increasingly utilising supply chain breaches within professional services firms to reach as many victims as possible in a single attack.

Additional sectors that were heavily targeted in Q3 include technology and telecommunications (13%), financial services (13%), health care (12%) and manufacturing (10%).

Peters added: “Attacks on the global health care sector are particularly astounding given the strain on these services through the pandemic. Following an initial ‘ceasefire’ from threat groups in March 2020, the Conti group, which accounted for the largest number of incidents in Q3 (31%), has developed a reputation for targeting hospitals and other emergency medical services. Sadly, these attacks can result in life-threatening consequences, and therefore, these organisations do need to focus on ensuring that they have all possible safeguards in place.”

Infection vectors

Phishing and social engineering remained the most prominent infection vectors in Q3, despite instances falling by nine per cent. Strikingly, third-party vulnerability exploitation was up 12 per cent on the previous quarter as threat actors weaponised the pandemic and used it as an opportunity to hit vulnerable businesses as they move more of their operations online.

Peters concluded: “As the pandemic continues to impact the way we work globally, the risks poised from threat actors looking to take advantage of business vulnerabilities have increased as security teams struggle to keep up.

“Businesses must ensure they are evolving with threats to ensure maximum protection for their business and clients. Strong identity protection such as multifactor authentication (MFA) is often the best step a business can take to protect itself in terms of outlay and reward. It’s relatively simple to set up and can prevent an overwhelming majority of attacks. A large majority of Q3 victims were businesses that did not have fully implemented MFA in place.”

Share

Featured Articles

Palo Alto Networks, Deloitte and The Push to Platformization

By expanding their partnership to EMEA, Palo Alto Networks is bringing to Deloitte the platformization needed in the modern cybersphere

Insurers Now Spotlighting Identity and Privilege Compromises

Delinea's latest survey reveals a sharp rise in cybersecurity insurance claims, pushing for advanced identity protection measures. Dive into how AI and met

Trend Micro Address AI Threat to Mobile Users with New App

Trend Micro Check is an all-in-one solution that recognises the threats that deepfakes are now posing to mobile users in elaborate scams

Solarwinds CISO Wants Global Cyber Laws After Winning Case

Cyber Security

Resurgence of Spam: Cisco Talos Sound Alarm on New Tactics

Hacking & Malware

Cloudhouse Head Talks Laws Incoming After Crowdstrike Outage

Operational Security