Ransomware attacks surge by 62%, according to Sophos

Sophos has reported a significant 62% increase in ransomware attacks over the past year, according to its latest report titled “CryptoGuard: An Asymmetric Approach to the Ransomware Battle”.

The report reveals that several prolific ransomware groups such as Akira, ALPHV/BlackCat, LockBit, Royal, and Black Basta are deliberately transitioning to remote encryption for their attacks, contributing to the alarming rise in intentional remote encryption attacks.

The cybersecurity firm highlighted the effectiveness of Sophos CryptoGuard, an anti-ransomware technology, in monitoring malicious file encryption and providing immediate protection and rollback capabilities, even in cases where the ransomware does not appear on the protected host.

Sophos’ Vice President of Threat Research and co-creator of CryptoGuard, Mark Loman, emphasized the growing threat of remote encryption, stating, “Remote encryption is going to stay a perennial problem for defenders, and based on the alerts we’ve seen, the attack method is steadily increasing.”

👉 For more insights, check out this resource.

Since the emergence of CryptoLocker in 2013, which was the first ransomware to employ remote encryption with asymmetric encryption, adversaries have exploited security gaps in organizations worldwide and the rise of cryptocurrency to escalate the use of ransomware.

Loman explained the challenge posed by remote encryption and the need for innovative solutions, saying, “Other solutions focus on detecting malicious binaries or execution. In the case of remote encryption, the malware and execution reside on a different computer (unprotected) than the one having the files encrypted. The only way to stop it is by watching the files and protecting them. That’s why we innovated CryptoGuard.”

👉 Discover more in this in-depth guide.