Ransomware and email attacks are hitting businesses more than ever before

Misconfigured systems and poor MFA implementations are to blame

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Ransomware and business email compromise (BEC) attacks are hitting businesses more than ever before, a new report by Cisco Talos Incident Response (Talos IR) has claimed.

The report statesransomwareand BEC accounted for almost two-thirds (60%) of engagements, combined. There had been fewer BEC engagements this quarter, compared to the previous one, Talos added, noting it was “still a major threat for the second quarter in a row.”

At the same time, Ransomware accounted for almost a third (30%) of engagements this quarter, up by a quarter (22%) compared to the same time three months ago.

Tech firms in the crosshairs

Furthermore, the researchers observed Mallox and Underground Team ransomware families for the first time, suggesting the number of threat actors in the industry continues to grow. At the same time, Black Basta and BlackSuit ransomware operations continue to wreak havoc among organizations.

The majority of organizations falling victim to either ransomware or BEC attacks are in the technology industry, the report further states. This is due to these firms having extensive digital assets, supporting critical infrastructure. As a result, they have minimal tolerance for downtime and would be more keen to pay the ransom demand and get back to work as soon as possible. Furthermore, tech firms are often seen as gateways into other industries, as well.

In total, a quarter (24%) of engagements in these past three months were from tech firms, closely followed by healthcare, pharma, and retail. Attacks against tech firms are up by 30%, quarter-on-quarter.

Talos says that a huge majority (80%) of victims fell prey to ransomware attacks because they didn’t have proper MFA implementations on critical systems, including virtual private networks (VPN). The remainder of the victims fell prey due to either vulnerable, or misconfigured systems, the researchers concluded. Talos IR observed a 46% increase in each of these security weaknesses from the previous quarter.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

5 must-have Android apps