According to new EU figures obtained by CNN, significant cyberattacks against critical targets in Europe have doubled in the last year as the pandemic has pushed people indoors and online.
According to CNN, the European Union Agency for Cybersecurity (ENISA) reported 304 significant, malicious attacks against “critical sectors” in 2020, up from 146 the year before.
During the same time period, the agency reported a 47 percent increase in attacks on hospitals and health care networks, as the same criminal networks sought to profit from the pandemic’s most critical services.
The figures show the growing global impact of cyberattacks, which recently caused havoc in the United States when the Darkside group targeted the Colonial Pipeline network, leading to lines at gas stations over fears of shortages.
The pandemic meant “a lot of services were provided online and that happened in a kind of rush, so security was an afterthought,” said Apostolos Malatras, team leader for knowledge and information at ENISA. At the same time, people were staying indoors, which allowed them to investigate vulnerabilities in systems and critical infrastructure, he added.
According to surveys conducted by the British security firm Sophos, the average cost of a ransomware attack has doubled in the past year. The cost for 2020 was estimated to be $761,106, but by this year it had risen to $1.85 million. Insurance, business losses, cleanup, and any ransomware payments are all included in that figure.
According to John Shier, senior security adviser at Sophos, the rising cost reflects the increased complexity of some attacks. While the number of attacks has decreased, their sophistication has increased.
“It looks like they are trying to be more purposeful,” Shier said. “So they’re breaching companies, understanding exactly what company they breached and trying to penetrate as fully as possible, so that they can then extract as much money as possible.”
Both Shier and Malatras mentioned the new threat of “triple extortion,” in which ransomware attackers encrypt data on a target’s systems and extract it before threatening to publish it online. The attackers then move on to a third phase, where they use the data to attack the target’s systems and blackmail its clients or contacts, according to the report.
“If you are a customer of this company whose data has been stolen, they’ll threaten to release your information or they’ll also call other companies that are your partners,” said Shier. He added the highest ransom payment he had heard of was $50 million.
Another danger is “fileless attacks,” in which the ransomware isn’t contained in a file and is instead accessed through human error, such as clicking on a suspicious link or opening an attachment. Fileless attacks infiltrate a computer’s operating system and frequently reside in its RAM, making them more difficult for antivirus software to detect.
The US Department of Justice announced last week that it will coordinate its anti-ransomware efforts using the same protocols it uses to combat terrorism, and the Biden administration is considering taking offensive action against major ransomware groups and cyber criminals.
The approach would be similar to that of other allies, such as the United Kingdom, which announced the existence of a National Cyber Force (NCF) in November to combat key online threats to the country. A spokesperson for GCHQ, the UK’s signals intelligence and information security agency, told CNN, “Last year we avowed the NCF, a partnership between GCHQ and the Ministry of Defence, with the remit to disrupt adversaries … using cyber operations to disrupt hostile state activities, terrorists, and criminal networks threatening the UK’s security.”