Ransomware incidents increase 4-fold in 2 years: Spain suffered fewer attacks and was more aware in 2020 than USA, France or Italy

This is an automated machine translation of an article published by Business Insider in a different language. Machine translations can generate errors or inaccuracies; we will continue the work to improve these translations. You can find the original version here.

Ransomware is a type of malicious code that when introduced into the systems of a company or an organization is dedicated to encrypting all its files and spread across all devices. It has thus become a favorite weapon of cybercriminal groups who then demand ransoms from their victims in exchange for a return to normality.

Precisely because of the pandemic, such incidents increased by nearly 90% according to a VMware report. Now, expanding the focus, CrowdStrike ensures in a new document that this type of cyber-attacks has increased 4-fold from January 2019 to the present.

An increase of 300%, according to the Global Threat Report for 2021. Although only a few cases are reported in the media -the most recent and controversial is the cyberattack with Ryuk that has left the systems of the Public Employment Service out of service-, the reality is that cyberattacks with ransomware are the order of the day.

The second half of 2019 already saw a wave of cyberattacks that fiercely hit some Spanish companies such as Everis and Prosegur. Just before the pandemic began in March last year, a hospital in Torrejón de Ardoz suffered a cyberattack that caused many healthcare workers to have to operate without IT resources.

Unions and Computer Science associations explode and denounce precariousness and lack of resources in the administration while the SEPE tries to recover from the cyber-attack.

During the pandemic, the situation worsened even more. SegurCaixa Adeslas or Mapfre suffered cyber-attacks of this kind. In addition, one of the worst fears of the cybersecurity industry came true: cybercriminal groups no longer limited themselves to ‘kidnapping’ and ‘encrypting’ their victims’ information: they also began to steal it in order to leak it to the public if ransoms were not paid. It happened, for example, to the Spanish railway infrastructure company, Adif.

CrowdStrike’s new report, which has been compiled using its network analysis tools and information from various vendors, also highlights that intrusions aimed at stealing information on COVID-19 vaccines have been one of the main targets of cybercriminals.

Another statistic from the cybersecurity company states that 40% of companies in Spain suffered a ransomware attack during the most complicated period of the pandemic last year. Out of the 100%, 23% of the firms acknowledge that they suffered one attack, and 17% that they suffered more than one.

However, the data shown by the Spanish cybersecurity ecosystem are very positive. In a table drawn up by the firm, Spain is the second country in which the companies consulted suffered the fewest attacks with ransomware. It is only surpassed by the United Kingdom, where 39% of the companies detected intrusions in their systems.

By neighboring countries, France acknowledges that 60% of its companies suffered ransomware incidents. The number is similar in Germany, with 59%. In Italy, 56%. In the United States, 58%. The global average is that 63% of the companies surveyed suffered cyber-attacks of this type.

This is what cybercriminals pay on the dark web for your data: stolen Spanish credit cards are among the most expensive, only 30 euros.

But Spain also stands out in something else. Of all those surveyed in Spain, 45% acknowledged that they had not suffered any ransomware incident but recognized that it could happen in the coming months. Of all the Spanish cybersecurity specialists consulted by the company, only 14% considered it unlikely that they would suffer an attack of this type.

That 45% is the highest percentage of all the countries surveyed by the firm. Specialists in France or Italy, for example, considered 28% and 27% that they could suffer incursions such as those described.

The high percentage of Spanish cybersecurity experts who admit that they could suffer a cyberattack of this kind in the coming months can be interpreted in two ways. Either they are resigned because they lack all the defenses they should have, or they are clearly aware that incidents can happen at any time.

The CrowdStrike survey has been done with 2,200 cybersecurity professionals around the world, of which 1,100 have a position with which they make decisions in their companies and the other 1,100 are professionals. In Spain, 100 people were surveyed.

Read the original article on Business Insider