A joint Cybersecurity Advisory issued by U.S. and international partners, entitled “2021 Trends Show Increased Globalized Threat of Ransomware,” warns of “the growing international threat posed by ransomware over the past year” on a global perspective.

The trends outlined by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, the National Security Agency, the Australian Cyber Security Centre, and the United Kingdom’s National Cyber Security Centre include:

  • Cybercriminals are increasingly gaining access to networks via phishing, stolen Remote Desktop Protocols (RDP) credentials or brute force, and exploiting software vulnerabilities.
  • The market for ransomware became increasingly “professional” and there has been an increase in cybercriminal services-for-hire.
  • More and more, ransomware groups are sharing victim information with each other, including access to victims’ networks.
  • Cybercriminals are diversifying their approaches to extorting money.
  • Ransomware groups are having an increasing impact thanks to approaches targeting the Cloud, managed service providers, industrial processes and the software supply chain.
  • Ransomware groups are increasingly targeting organizations on holidays and weekends.

The advisory stresses the fact that ransomware “is a rising global threat with potentially devastating consequences…[and] remains one of the most disruptive cyber threats to organisations and individuals [that] requires a global solution.”  It is meant to provide education about the global threat of ransomware, and mitigation actions that companies can take to “bolster resilience.”

The “immediate actions that can be taken now include ensuring timely patching of all operating software; implementing a user training program that includes recognizing and reporting suspicious emails; securing and monitoring remote desktop protocol, if used; and maintaining an offline backup of your data.”

The threat of ransomware continues to rise and it is encouraging to see allies working together to assist in a global response.

Photo of Linn Foster Freedman Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her…

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.