Op-Ed: In a wave of cyber attacks, every technology leader should focus on ransomware in 2023

In light of the hacks that targeted big businesses, it’s more apparent than ever that prevention is key. Every organisation — big or small — needs to be investing in systems and processes to protect their private data. With these recent examples, technology leaders must move into the new year having security at the top of their minds, focusing on ensuring they’re protecting their business as best they can from the wide range of threats out there.

Studies indicate that ransomware is one of the most frequent and damaging types of malware leveraged by cyber criminals. The Australian Cyber Security Centre’s (ACSC) Annual Cyber Threat Report highlights that over the last year, 447 ransomware cyber crimes were reported — although it is important to note that ransomware remains significantly underreported, especially by victims who choose to pay a ransom, which indicates that this number in reality is even higher.

Research from Splunk’s 2022 State of Security report found that globally, 79 per cent of organisations have experienced ransomware attacks and 35 per cent of victims said an attack led them to lose access to data and systems. Interestingly, 66 per cent said either they or their insurance company made payment to reclaim the stolen data. On average, it’s been reported that the largest ransom paid by an organisation was around US$347,000.

When it comes to ransomware trends in 2023, here are the two main predictions Australian businesses must be aware of.

Ransomware actors are moving straight to extortion. As ransomware has proven successful, criminals are going to keep innovating and using it. It’s safe to assume it’s here to stay because, as we’ve seen from recent examples, ransomware works.

In the coming year, it can be expected that ransomware actors will skip encryption and move straight to extortion — and will act on their word to release data if their demands are not met. Similar to what we’ve seen with recent incidents a few months ago, when an organisation was contacted by the hackers with an attempt to negotiate a ransom, they publicly refused to bend to these demands, believing payment would encourage the criminals to directly extort customers. Upon this refusal to pay, the hackers began to release files on the dark web, including sensitive customer data.

A situation like that has not only a huge impact on the organisation and its reputation, but also exposes customers who trust them with extremely sensitive information. This is just another proof of how imperative it is for businesses to review cyber security systems and protocols regularly, to ensure they’re doing the best they can to stop hackers from infiltrating their systems and keeping business and customers’ personal data protected.

We’ll still pay up, just not in crypto. We still have a long way to go when it comes to cyber security. The reality is that in 2023, a big number of ransomware attacks will continue to happen and, therefore, ransoms will continue to be paid — but trends show that it will happen in a different way.

VIEW ALL

The world's largest cryptocurrency has lost about 58 per cent of value in the second quarter of 2022, and around $1.2 trillion has been wiped off the entire cryptocurrency market. Experts are predicting that we’ll see cyber criminals move away from cryptocurrency partly because of the instability, but also because of traceability, as everything happening on the blockchain is public.

Due to these factors, more hackers are predicted to move away from bitcoin and crypto ransom demands in 2023 — what again was already reflected in recent large-scale breaches we’ve seen this year, where ransom payments were not demanded in the form of cryptocurrency.

For unfortunate reasons, cyber security became a buzzword in Australia in 2022 — and we will definitely continue to hear it a lot as we move into the new year. These two key ransomware predictions just add to the fact that risk mitigation is essential and needs to be proactive, strategic and ongoing in order for organisations to protect their data, their business and their reputations.

Ransomware can encrypt faster than organisations can respond to it and in less than an hour, all files can be gone. This is something organisations can’t afford to go through anymore. Cyber criminals move quickly and organisations need to move in the same pace implementing systems to prevent and protect against attacks in the coming year.

Shannon Davis is the Staff Security Strategist at Splunk SURGe. You can find a link to Shannon's blogs here and a link to Shannon's LinkedIn here.