- The volume of ransomware incidents in the UK decreased dramatically, but successful attacks increased significantly year on year.
- Attackers turned to human-directed and human-operated methods, disproportionately affecting small businesses compared to large enterprises.
- Outdated “zombie technology” and undetected breaches fueled millions of attack attempts, while data theft replaced file encryption as the primary extortion tactic.
Last year, the volume of ransomware attacks in the UK fell by 87%. But before you pop the champagne and throw confetti into the air, there’s another, more alarming statistic: the number of UK organizations that were successfully compromised actually increased by 20% year on year.
These are the figures published by SonicWall security researchers. By measuring the threats that its firewalls stop just as they try to enter a network, the company found that ransomware actors moved away from “spray and pray” techniques and adopted a more targeted, human-operated “big game” methodology.
The same report states that smaller organizations were more likely to be attacked by ransomware, as it was present in 88% of SMB breaches, compared to 39% in large enterprises.
Article continues below.
zombie technology
SonicWall also said that almost all of the incidents recorded in the United Kingdom (96.7%) occurred in England.
If there’s one thing we can point to, it should be the “zombie technology” crisis, the researchers explained. Many organizations use old, obsolete, and unsupported hardware, leaving large holes that cybercriminals can easily exploit. SonicWall said a single flaw a decade ago in a widely deployed Hikvision IP camera resulted in 67 million attack attempts nationwide.
The problem is only made worse by the fact that the majority of IT leaders (80%) are confident they can detect a breach within eight hours, even though the average attack remains invisible for 181 days. Automated threats, as well as AI-enabled attacks, have nearly doubled year over year, further increasing the risk.
Today, ransomware attacks rarely include encryptors that block access to vital documents. Instead, cybercriminals focus solely on data leaks and the threat of releasing stolen files on the dark web. It is cheaper and easier to maintain, while being equally effective in terms of extorted funds.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
