Security Experts Predict 65,000 Ransomware Attacks in 2021
In a recent interview for Yahoo Finance, a security expert predicted that there will be over 65,000 ransomware attacks targeting US companies alone. The estimate comes from John Chambers, former CEO of cyber security giant Cisco.
Chambers cited the big US companies that have recently come under fire from ransomware threat actors, including McDonald's and, more recently, Colonial Pipeline and JBS USA. Those were just the most high-profile attacks in an ongoing chain that includes many other names. It is also concerning that the estimate of 65,000 attacks over the course of the current year covers only US-based targets.
Concerning Projections for 2021
Chambers believes the projected number of attacks could reach a staggering 100,000 on the pessimistic end of the scale, and ransom payouts, averaged across all victims, could approach $200 thousand. The payouts in the high-profile attacks against JBS and Colonial were in the millions of dollars. A team of federal security experts managed to recover a significant portion of the money Colonial paid, but JBS still paid a shocking $11 million to the attackers.
Intriguingly, according to reports, the better part of JBS's affected infrastructure was up and running at the time of the ransom payment. In the wake of revealing the $11 million ransom payment, the CEO of JBS has been called by the US Congress for "answers", as reported by multiple outlets.
Ransomware Challenges Ahead
Chambers further outlined the importance of new startup companies that focus specifically on prevention and security and run tests on their customers' infrastructure to see how well it would hold up against a real attack. He also spoke of new and emerging identification technologies, including voice identification, as crucial to ensuring that only authorized individuals have access to the most critical parts of a company's network.
Nobody is too big to fall, it seems, as the ransomware attack on Colonial Pipeline was executed by abusing just a single password. The VPN application that was used did not have any two-factor authentication built into it, so the bad actors needed only a single password string to execute their hack.
Ransomware is not going anywhere. Seeing huge companies fall victim to successful attacks, followed by ransom payouts in the millions, will only serve as additional incentive for new bad actors to continue the trend in the future.