A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far.

When Senate committees need to better understand a pressing issue, staff reports are often written to help members understand the scope of the problem. One such report was just released on the topic of ransomware, entitled America’s Data Held Hostage: Case Studies in Ransomware Attacks on American Companies.

In it, some not-so-surprising stats were brought to life to simply and effectively summarize the state of ransomware:

  • 3 million attempted ransomware attacks worldwide in 2021
  • 5 million of those attacks occurred in the United States
  • The U.S. experienced a 98% increase in attacks in 2021

The report provides committee members with three examples of real-world ransomware attacks. The first, in which a multi-sector Fortune 500 company with over 100,000 employees – and 200 employees focused solely on IT security – was the victim of a REvil ransomware attack, presents some quite shocking lessons learned.

  • It took them a week to eradicate the threat actors from having access to their network
  • Backups were one of the reasons it *only* took one week
  • Their biggest takeaway was “the sophistication of hostile actors and the financial means at their disposal

It says a lot when an organization with 200 talented cybersecurity professionals can’t stop a successful attack from occurring (with no offense meant towards them), and when they are warning the rest of us about how sophisticated the cybercriminal really is.

Phishing still represents one of the top initial attack vectors in ransomware attacks, making it imperative that every single employee – from the bottom to the top – enroll in Security Awareness Training that heightens their sense of cyber-vigilance, limiting the attack surface and reducing the likelihood of a successful attack via phishing.