Ransomware, the biggest threat to businesses in 2022

Ransomware

We discuss the growing threat of ransomware and its effect on business with new data from the Kroll Threat Landscape Report.

The ongoing threat of ransomware taking over a company is not something to be taken lightly. Kroll, a provider of services and digital products related to valuation, governance, risk, and transparency, released its Threat Landscape Report, analyzing the increase of threats over 2021, this revealed ransomware as the dominant threat type. The report was the company’s first created and is scheduled to be published quarterly.

In 2021, the increase in ransomware attacks was noticeable, with large store chains such as Spar being a notable victim. It comes as no surprise that the Kroll report states the number of attempted attacks has doubled during the year from 20% in the first quarter to 46% by the third quarter. Incidents of unauthorized access and the insider threat risk increased , but to a lesser extent than ransomware, making up 25% of recorded incidents in the same period.

It can be argued that this trend was predicted, as the annual Cyber Polygon’s event ran a simulation based on the scenario of a cyber attack pandemic. This interestingly was back in 2020 before the significant increase in attacks, so the experts predicted the wave accurately and have since discussed the threat in more detail with security experts from around the world, including Interpol.

Discussion from Cyber Polygons on protecting from Ransomware

The Kroll report looks at the evolution of cyber threats, including the most prominent threat incident attack methods, most frequently targeted sectors, perpetrators, and potential future risks.

The most important thing for businesses is to prepare to defend against an attack ahead of time rather than react after the incident. Ioan Peters, Managing Director and Co-Regional Lead in EMEA for Kroll’s Cyber Risk practice, comments, “Ransomware remains a huge threat to organizations of all shapes and sizes. We’ve seen threat actors mobilize and expand their efforts since the beginning of the pandemic. Incidents like the Conti leak only serve to democratize the methods used by cybercriminals to gain access to businesses. An ounce of prevention is worth a pound of cure when it comes to ransomware, so we encourage all businesses to constantly evaluate the security controls they have deployed rather than waiting for an incident to occur.”

In the past year, the public has witnessed examples of the way the medical sector and supply chain services have been targeted. However, the Kroll report shows that healthcare attacks make up only 12% of all attacks included in the study. Interestingly it identifies the professional services sector as the most targeted sector overall in Q3, increasing by nearly 4% compared to the previous quarter to 22%.

This increase is most likely due to attackers utilizing supply chain breaches within professional services firms to make the effects of their attack as widespread as possible. Other sectors that were heavily targeted include technology and telecommunications (13%), financial services (13%), and manufacturing (10%).

Petersstated,“Attacks on the global health care sector are particularly astounding given the strain on these services through the pandemic. Following an initial ‘ceasefire’ from threat groups in March 2020, the Conti group, which accounted for the largest number of incidents in Q3 (31%), has developed a reputation for targeting hospitals and other emergency medical services. Sadly, these attacks can result in life-threatening consequences, and therefore, these organizations do need to focus on ensuring that they have all possible safeguards in place.”

For a very long time, the public viewed hackers as just a single man hiding in a basement; this is not the case now as ransomware has turned into entire organizations working as a company, hiring employees, and even paying them a salary. There is a lot of money to be made in this area regardless of their choices’ ethical issues.

Phishing and social engineering remained the most prominent infection vectors in Q3, despite instances falling by 9%. Strikingly, third-party vulnerability exploitation was up 12% on the previous quarter as threat actors weaponized the pandemic and used it as an opportunity to hit vulnerable businesses as they move more of their operations online. Petersconcluded:“As the pandemic continues to impact the way we work globally, the risks poised from threat actors looking to take advantage of business vulnerabilities have increased as security teams struggle to keep up.”

Read More:

The only way to defend against this wave is to evolve the business threat protection; luckily, many new security systems are being created to help fend off attacks. Peters states, “Businesses must ensure they are evolving with threats to ensure maximum protection for their business and clients. Strong identity protection such as multifactor authentication (MFA) is often the best step a business can take to protect itself in terms of outlay and reward. It’s relatively simple to set up and can prevent an overwhelming majority of attacks. A large majority of Q3 victims were businesses that did not have fully implemented MFA in place.”

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Erin Laurenson

Multimedia Content Producer for TBTech

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...

The need to clean data for effective insight

David Sheldrake • 05th March 2025

There is more data today than ever before. In fact, the total amount of data created, captured, copied, and consumed globally has now reached an incredible 149 zettabytes. The growth of the big mountain is not expected to slow down, either, with it expected to reach almost 400 zettabytes within the next three years. Whilst...

What can be done to democratize VDI?

Dennis Damen • 05th March 2025

Virtual Desktop Infrastructure (VDI) offers businesses enhanced security, scalability, and compliance, yet it remains a niche technology. One of the biggest barriers to widespread adoption is a severe talent gap. Many IT professionals lack hands-on VDI experience, as their careers begin with physical machines and increasingly shift toward cloud-based services. This shortage has created a...

Tech and Business Outlook: US Confident, European Sentiment Mixed

Viva Technology • 11th February 2025

The VivaTech Confidence Barometer, now in its second edition, reveals strong confidence among tech executives regarding the impact of emerging technologies on business competitiveness, particularly AI, which is expected to have the most significant impact in the near future. Surveying tech leaders from Europe and North America, 81% recognize their companies as competitive internationally, with...