Ransomware attacks hit multiple critical US infrastructures in 2021, report says

Businesses and government agencies faced a spike in global cyberattacks during 2021, forcing them to put out fires all over their networks, the Cybersecurity and Infrastructure Security Agency said in a report released Wednesday. Hackers are becoming craftier, as seen with last summer's Colonial Pipeline ransomware attack, where the company paid off a $4 million demand. 

Such ransomware incidents are on the rise and getting more sophisticated, CISA warned.

"We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim," CISA Director Jen Easterly said in a release. "Reducing risk to ransomware is core to CISA's mission as the nation's cyber defense agency, and while we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience." 

The agency issued a global advisory highlighting how criminals use malware, phishing and remote desktop tactics to access networks. Once they're in, they lock down entire systems and extort the victims for money in exchange for granting access. According to CISA, cybercriminals are upping their activity on weekends and holidays, when organizations and individuals are more vulnerable. Additionally, they're focusing on the cloud, supply chains, industrial processes and managed service providers.

Ransomware gangs are sharing victims' information and finding new ways to blackmail their targets. To help reduce risk of an attack, the CISA advises organizations to keep their software up to date, monitor remote desktop protocols and train their staff on phishing awareness. Members of the public should protect their data with offline backup methods. For more information about ransomware tactics and prevention, visit the CISA's Stop Ransomware site.