- Ransomware incidents in the UK have declined sharply in volume, but successful compromises have increased significantly year-on-year.
- Attackers have opted for targeted, human-operated methods, with small businesses disproportionately affected compared to large enterprises.
- Outdated “zombie technology” and undetected breaches have fueled millions of attack attempts, while data theft has replaced file encryption as the primary extortion tactic.
Last year, the volume of ransomware attacks in the UK fell by 87%. But before you drink champagne and throw confetti in the air, here’s another, more alarming statistic: the number of UK organizations that have been successfully compromised has actually increased by 20% year-on-year.
These are the figures published by security researchers SonicWall. By measuring the threats its firewalls stop as soon as they attempt to enter a network, the company found that ransomware perpetrators have moved away from “spray and pray” techniques and toward a more targeted, human-operated “big game hunting” methodology.
The same report indicates that smaller organizations were more likely to be targeted by ransomware, as it was present in 88% of SMB breaches, compared to 39% among large enterprises.
Article continues below
Zombie technology
SonicWall also said that almost all incidents recorded in the UK (96.7%) occurred in England.
If there is one thing we can point to, it is the crisis of “zombie technologies”, the researchers explain. Many organizations use old, outdated, and unsupported hardware, leaving gaping holes that cybercriminals can easily exploit. SonicWall said a single decade-old flaw in a widely deployed Hikvision IP camera resulted in 67 million attack attempts nationwide.
The problem is further compounded by the fact that the majority of IT leaders (80%) are confident they can detect a breach within eight hours, even though the average attack goes unnoticed for 181 days. Automated threats, as well as AI-based attacks, have almost doubled year over year, further increasing the risk.
Ransomware attacks these days rarely include encryptors blocking access to vital documents. Instead, cybercriminals focus solely on data exfiltration and the threat of distributing stolen files on the dark web. It is cheaper and easier to maintain, while being just as efficient in terms of extorted funds.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
