In 2021, blackmail software is still the protagonist of cyber attacks. Compared with stealing data, attackers are more willing to make a profit by locking data and collecting ransom . According to Verizon's 2022 data breach investigation report, ransomware attacks involving malicious code disrupting data on victims' computers have increased by 13% this year, equivalent to the total of the past five years**
This is Verizon's 15th annual report. The researchers analyzed data from 5212 blackmail incidents and 23896 security incidents. In contrast, Verizon's first report in 2008 looked at 500 incidents over a three-year period.
In an interview with CNET, Alex Pinto, one of the study's lead authors, said: "it's a very crazy journey.". He added that in 2008, no one really wanted to quantify and measure cyber attacks.
Blackmail software made headlines in 2021 due to attacks on companies such as colonial pipeline and JBS USA. Pipeline operators and meat processors have paid millions of dollars to unlock their data, but their business closures have led to panic buying and soaring gas and meat prices.
Pinto said that 15 years ago, extortion software was still very small. This attack mode did not rise until 2008, and has attracted attention from all walks of life by 2013.
Pinto said that today, many cybercriminals find that they can make more money with less work by locking company data rather than stealing data for financial fraud or identity theft. He said that although data theft cases still exist, the sale of stolen information will increase the time and risk of cyber attackers.
Whether it is blackmail software attack or data leakage, human beings are still the weak link of the attack. Over the past 15 years, the use of social engineering involving cybercriminals in persuading people to download malware or hand over credentials has risen from 10% of the total number of violations to 25%.