Drop-offs in ransomware activity are not a new occurrence . These lulls have previously been attributed to factors such as geo-political unrest , as seen when Russia invaded Ukraine , forcing combined Russian / Ukraine ransomware groups to split and re-group , or threat actors allowing the heat to die down in the aftermath of a major incident , like the Colonial Pipeline ransom .

We ’ ve seen periods of decreased activity like this before , only to then witness the activity being replaced with vigorous new campaigns . With that evolution comes adaptation to ever-improving security controls . Organizations must remember that decreased incidents are likely the result of a shift in tactics , rather than a decrease overall .

Decrease in ransomware incidents aside , there has been a visible increase in cybercriminals targeting individuals through effective spear phishing campaigns , with the ACCC reporting Australians lost approximately US $ 2 billion to scams in 2021 – an 84 % increase compared to the previous year . These scams are not generally attributed to ransomware but can be detrimental to the individual or business .

Additionally , a decrease in the number of ransomware incidents is not something to celebrate while the severity of those attacks is increasing . The ACSC reported that in 2021 – 22 , the average loss per reported incident of cybercrime increased by 14 % when compared to 2020 – 21 . Ensuring robust security measures are in place will be necessary for organizations on an on-going basis , not just to defend against attacks but to minimize the impacts when they do occur .

It ’ s also important to factor in the potential for continuing consequences that can result from a single attack . The focus of ransomware attacks is exfiltrating or stealing data . Once that data , which is often sensitive personally identifiable information ( PII ), is in the hands of the cybercriminals , there are many , many ways it can be used maliciously .

As cybercriminals continue to find new ways to make money from their attacks , it ’ s likely they will increase focus on exploiting the personal information of individual victims , either through scams or fraud schemes which are , as is the case with cybercrime trends in general , becoming more sophisticated .

In a situation where attackers are unable to make money through ransomware attacks and subsequent blackmailing attempts , they will adjust their course to target individuals .

Ransomware attacks will continue to pose a significant threat , only worsening in severity as the tactics evolve . Resting on the notion that a decreasing number of attacks reflects a vanishing threat is an enormous mistake , and organizations that don ’ t remain prepared will suffer the consequences .

34 INTELLIGENTCIO APAC www . intelligentcio . com

Intelligent CIO APAC Issue 32 | Page 34