You are here

CISA, FBI, NSA and International Partners Issue Advisory on Ransomware Trends from 2021

CISA, FBI, NSA and International Partners Issue Advisory on Ransomware Trends from 2021

Created: Thursday, February 10, 2022 - 13:47
Categories:
Cybersecurity

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK), just published a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year. The advisory, 2021 Trends Show Increased Globalized Threat of Ransomware, summarizes the top ransomware trends observed across all three countries. The report notes that 14 of the 16 critical infrastructure sectors experienced ransomware incidents last year.

The top trends observed include, but are not limited to, the increasing professionalization of ransomware threat actors, criminals diversifying their approach to extorting money, ransomware groups having an increasing impact thanks to approaches targeting the cloud, managed service providers, industrial processes and the software supply chain, and criminals gaining initial access to networks via phishing, stolen Remote Desktop Protocols (RDP) credentials or brute force, and exploiting software vulnerabilities. Additionally, ransomware threat actors are increasingly targeting organizations on holidays and weekends. The advisory also provides mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

“We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” said CISA Director Jen Easterly. “Reducing risk to ransomware is core to CISA’s mission as the nation’s cyber defense agency, and while we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience. With our NCSC-UK, ACSC, FBI, and NSA partners, we urge organizations to review this advisory, visit stopransomware.gov to take action to strengthen their cybersecurity posture, and report unusual network activity or cyber incidents to government authorities.” Read the full advisory at CISA.