Federal cybersecurity agencies from the United States, United Kingdom and Australia have issued a joint advisory regarding a severe uptick in ransomware attacks throughout 2021 across the three countries.

The increased threat on critical infrastructure has prompted this advisory, according to the US’s Cybersecurity and Infrastructure Security Agency (CISA). 

Following high-profile attacks on Colonial Pipeline, Kaseya, and JBS in 2021, threat actors began to shift away from “big game hunting” and draw their focus to smaller companies, the bulletin said. That particular trend did not carry through UK and Australian attacks – both of which reported that targets of all sizes were victims, according to the report.

The joint bulletin highlighted that threat actors are gaining access to networks with phishing, stolen remote desktop protocols, or by brute force. It also mentioned that the use of “cybercrime services-for-hire” were becoming increasingly prevalent.

Because of this, the three nations stated the importance of not paying ransoms.

“Cybersecurity authorities in the United States, Australia, and the United Kingdom assess that if the ransomware criminal business model continues to yield financial returns for ransomware actors, ransomware incidents will become more frequent. Every time a ransom is paid, it confirms the viability and financial attractiveness of the ransomware criminal business model,” the bulletin stated.

Ransomware groups are boosting their impact via targeting cloud-based applications, managed service providers, industrial processes, and the supply chain. Plus, they tend to attack on weekends and holidays when there are fewer IT support personnel at the victim organizations, the report said. This issue had been previously discussed in another CISA bulletin. 

For their part, organizations can avoid these pitfalls and threats through proper preparation and mitigation steps, according to CISA. This includes installing software updates, requiring user training on phishing and other nefarious practices, as well as implementing multi-factor authentication.

You can read the full memo here

 

 

 

Leave a Reply

Your email address will not be published.

Recent news posts

This is a sample blog post title.
Featured Image

Costa Rica Ransomware Attack Continues to Plague Citizens

This is a sample blog post title.
Featured Image

What the Crypto Crash Means for Cyber Crime

This is a sample blog post title.
Featured Image

Scaling, Improving and Automating Your GRC Strategy

This is a sample blog post title.
Featured Image

CISA Issues Emergency Directive 22-03, Encourages VMware Updates

This is a sample blog post title.
Featured Image

Cyber Fraud Task Force: Weekly News Update

Attend an Event!

Connect and collaborate with fellow security innovators at our Virtual Cybersecurity Summits.

Register Today