Cyber agencies release 2021 ransomware trends report

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.

The advisory titled “2021 Trends Show Increased Globalized Threat of Ransomware” outlines top trends seen across three nations including:

  • Cybercriminals are increasingly gaining access to networks via phishing, stolen Remote Desktop Protocols (RDP) credentials or brute force, and exploiting software vulnerabilities.
  • The market for ransomware became increasingly “professional” and there has been an increase in cybercriminal services-for-hire.
  • More and more, ransomware groups are sharing victim information with each other, including access to victims’ networks.
  • Cybercriminal are diversifying their approaches extorting money.
  • Ransomware groups are having an increasing impact thanks to approaches targeting the cloud, managed service providers, industrial processes and the software supply chain.
  • Ransomware groups are increasingly targeting organizations on holidays and weekends.

Importantly, today’s Cybersecurity Advisory also lays out mitigations to help network defenders reduce their risk of compromise, appropriate responses to ransomware attacks, and key resources from each respective cyber agency.

“We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” said CISA Director Jen Easterly. “Reducing risk to ransomware is core to CISA’s mission as the nation’s cyber defense agency, and while we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience. With our NCSC-UK, ACSC, FBI, and NSA partners, we urge organizations to review this advisory, visit to take action to strengthen their cybersecurity posture, and report unusual network activity or cyber incidents to government authorities.”

“The FBI is committed to protecting the public from the rise in ransomware attacks that we have seen in recent years,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “With our partners in and outside of government, the FBI is working to bring all our tools to bear against these criminals. It is critical for business leaders across industries and the public to take action immediately to harden their systems and work with law enforcement to tackle this threat.”

“When critical infrastructure is held at risk by foreign hackers operating from a safe haven in an adversary country, that’s a national security problem,” said NSA Cybersecurity Director Rob Joyce. “The ransomware scourge is a significant focus area for NSA as we generate insights alongside our partners. Network defenders should take action on the mitigations in the advisory.”

“Ransomware remains one of the most disruptive cyber threats to organizations and individuals. This global problem requires a global solution. That is why the ACSC is joining with our US and UK partners to issue this advisory, providing a coordinated global response to counter these cyber threats. It is critical that individuals, businesses and industry follow the advice and mitigation strategies in this joint advisory to strengthen your networks and uplift your defenses to protect yourselves against this threat,” said Abigail Bradshaw CSC, Head of the Australian Cyber Security Centre.

“Ransomware is a rising global threat with potentially devastating consequences but there are steps organizations can take to protect themselves,” said NCSC CEO Lindy Cameron. “To help ensure organizations are aware of the threat and how to defend themselves we have joined our international partners to set out the very latest threat picture alongside key advice. I strongly encourage UK CEOs and Boards to familiarize themselves with this alert and to ensure their IT teams are taking the correct actions to bolster resilience.”

Source: NSA

Like IC News? Then please consider subscribing. You’ll get full access to our searchable library of 10,000+ articles, plus new articles each weekday.