The 'Silver Lining' to Ransomware Attacks on Businesses in an Increasingly Hostile World

Cyber-attacks continue to increase at a phenomenal rate. Organizations have never been under such threats – and the future doesn’t look any brighter. Yet, there is arguably a ‘silver lining’ for those that have fallen victim to a successful breach.  

The surge in threats is encouraging businesses to take a more proactive approach to defense strengthening. In fact, investment in cybersecurity is at an all-time high, as the UK Government reports a 14% increase in revenue generated by UK cyber firms to £10.1bn as of February 2022. The rate of increase is unsurprising, given the average cost of a data breach now sits at $4.24m.   

There’s no question that all attacks are devastating to the victims, but each breach offers the opportunity for greater resilience and improvement of security strategies. Let’s take ransomware as an example. Unfortunately, not a day goes by without reports of another attack of this nature on businesses across the globe.  

According to SonicWall, 2021 witnessed a “sustained, meteoric rise” in breaches, with a recorded 623.3 million ransomware attacks worldwide, which is a 105% increase compared to the previous year. Yet, each tragedy serves as a warning for the rest of us and has contributed to the acceleration in global cybersecurity investment as businesses scramble to prepare for the next assault. 

The Reality of Future of Attacks 

Over the past two years, threat actors have become bolder and more sophisticated, but intelligence continues to hint at greater devastation in years to come. A ransomware attack can be extremely damaging for an organization. Yet, if you compare it to the dangers and damages associated with an assault from a nation-state – something we have all seen only too recently – it can be relatively small in comparison. While they may be using similar attack vectors, the investment and backing of the nation-state campaign is significantly greater and therefore has the potential to cause much greater destruction.  

As an example, the Colonial Pipeline attack in the US, which was linked to an affiliate of a Russia-linked cybercrime group called DarkSide, demonstrates the devastation caused by larger attacks. The entire infrastructure responsible for approximately half of the East Coast’s fuel supply ground to a halt as hackers successfully disabled its billing systems. This attack highlighted just how vulnerable governments and industries are and how even the smallest of vulnerabilities – like one compromised credential – can cause nationwide disruption.  

Growing Weapon Developments (And Concerns) 

Sophisticated cyber-criminals and nation-states have access to advanced technology and resources, which could have terrible consequences in a war scenario – as the conflict in Ukraine is currently demonstrating. Over 70 million people were killed in World War II, but they didn’t have access to the advanced cyber weapons available today. Conflicts today have two platforms – physical and cyber. The modern soldier has been born with a gun in one hand and a button capable of disrupting critical infrastructure in the other.  

We’re witnessing an alarming accumulation of cyber weapons within threat actors’ arsenals. Once conflict arises, whether on a nation-state or business level, the situation can escalate quickly, and these weapons could be potentially catastrophic. The NCSC is currently urging businesses to take action to “bolster their defenses” amid the ongoing war in Ukraine. 

The ‘Silver Lining’ of Past Attacks 

The businesses that have already been infiltrated and applied the lessons learned have a better chance of withstanding these kinds of destructive attacks. With the number and scale of ransomware attacks rising, those that faced assaults early on, perhaps on a smaller scale, dealt with the consequences, understood how damaging an attack could be and built out more robust, resilient cyber defenses.

Across the board, the mass investment in cybersecurity is in response to past attacks. The only way organizations feel threatened is if they feel attacked themselves, so the outcomes of these smaller, earlier attacks paint a bleak (but very real) picture for many. 

Breaches will only become more severe as we continue towards a digital world and the attack surface expands. The tide has well and truly turned for those in the public and private sectors who finally realize they can no longer afford to stand still, and oddly, we have ransomware attacks to thank. 

We’re way past the point when the government alone can defend the country from these attacks; there are too many moving, interconnected parts. Organizations themselves need to take on the responsibility of defending themselves, which, in turn, helps to protect the country from the growing threat of nation-state actors using the most advanced cyber weapons. 

Organizations are on high alert, having been bitten early on with smaller, financially motivated attacks. The reality is that cyber-attacks are lethal, not just to finances but to human life. While the companies stung in the past likely suffered heavily financially, they’re in a much better place to defend themselves – and the country – from more sinister intentions. 

By no means is the rise in attacks the desired scenario, but the resilience gained from past attacks should be seen as a silver lining in the face of graver dangers. 

What’s Hot on Infosecurity Magazine?