Recent research reports that more than 2,100 organizations have fallen victim to ransomware cyberattacks, as CrowdStrike cited an increase in these types of incidents. In particular, ransomware attacks are on the increase in critical businesses, governmental services, and vital infrastructures. There are many more threats and attacks today than there ever were before.
How organizations are attacked by ransomware hacks
One form is a double extortion attack, whereby a ransomware claim is augmented by the threat of hacking a victim’s critical information to threaten and disrupt primary operations involving discontinuation of business or services, which is a form of cyber blackmail.
This blackmailing of major infrastructure has caused criminals to be successful financially and determined the value of bribing and exploiting the major infrastructure and successful businesses.
The targeted sectors encompass a broad range of services, including hospitals, manufacturing, power production, and finance systems. These are particularly dependent on continuous services and therefore, cannot sustain extended periods of downtime.
The increased involvement from state-sponsored groups is also one reason for alarm
According to CrowdStrike, some ransomware operations in Europe have been connected to people from enemy states. These groups are not just looking to make a profit, but to undermine the economy and impact a countryโs national security.
Europe is one of the worldโs most digitally integrated and interconnected regions. The cohesive structure of Europeโs economies, coupled with the fact that Europe has the greatest number of digitally offered services in the world, creates a significant attack surface.
Moreover, as Europeโs Member States abide by the GDPR, data protection has become more of a priority. This opens the door for fragmented, manipulative attacks where the attacker claims to hold inappropriate data and threatens to release it, ultimately placing the victim in a position where they suffer significant legal and/or reputational damage.
Furthermore, the rapid uptake of cloud technologies and remote work has increased the possible avenues for cybercriminals. There is a positive side to these technologies, as they improve business efficiency. However, they also reduce security, a gap that is quickly filled by advanced ransomware-targeted groups.
Companies today report the most shocking consequences from ransomware attacks
Firms suffer not only the costs of the ransom but also have to pay for fines from their own legal counsel, damage to public trust, system restorations, and the potential for lost operational revenue.
CrowdStrike indicates firms lose over three weeks of operational revenue and suffer further immeasurable losses due to the time it takes to recover from ransomware attacks.ย In the most sensitive areas of industry, such as healthcare, the consequences of ransomware attacks get even worse, as we are talking about human life. Hospitals hit by ransomware attacks have reported a slowdown in patient treatment due to attacks.
To reduce risk, CrowdStrike indicates the need for proactive measures such as regular patching, employee training, and strong backup systems.
Ransomware attacks: A matter of public and national security
The need to counter state-backed foes means that the cybersecurity aspects of ransomware attacks are also a matter of public and national security.
In Europe, ransomware extortion has hit record highs. Facing state-sponsored ransomware attacks, Europe is in a new phase of cyber conflict focused on public safety. Without strong measures, attacks are likely to become even more frequent, and methods of thwarting them will have to become more sophisticated.
To European organizations, we make it clear that ransomware is no longer a technical headache, but rather a strategic problem that requires immediate attention and a cohesive response. Companies need to take steps today to prevent attacks tomorrow. The reputation and revenue of companies are at stake.
