U.S., international partners detail major ransomware trends

Top cybersecurity agencies in the U.S., U.K., and Australia on Wednesday warned that they observed a global rise in “sophisticated, high-impact ransomware incidents" targeting critical infrastructure in 2021 and expect the trend to continue.

The market for ransomware has also become more “professional,” as digital criminals use a wide variety of tools to hack into networks and increasingly share the information they purloin, according to a joint cybersecurity advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency, FBI, Australia’s Cyber Security Centre and the United Kingdom’s National Cyber Security Centre.

Last year saw the most high-profile ransomware attacks in history, including strikes on the Colonial Pipeline, food processor JBS and software company Kaseya. Attacks also proliferated down to state and local governments, school districts and even hospitals. 

“We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” CISA Director Jen Easterly said in a statement, adding that while the organization has “taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience.”

Other major trends identified by the U.S. and its international partners include: cybercriminals diversifying their approaches to extorting money and ransomware gangs targeting managed service providers and the software supply chain; and malicious actors taking advantage of holidays and weekends when security operations centers may be understaffed.