Ransomware a 'scourge on society,' Omdia reports

In addition to ransomware, hacking and supply chain attacks are the leading ways that bad actors obtain corporate data for exposure, the research group said.

Kelsey Ziser, Senior Editor

February 15, 2022

3 Min Read
Ransomware a 'scourge on society,' Omdia reports

Ransomware remains one of the top ways that organizations' data is exposed, and data exposure accounts for over two thirds of reported security breaches, according to research group Omdia.

In addition to ransomware, hacking and supply chain attacks are the leading ways that bad actors obtain corporate data for exposure, said Omdia in its third-annual report on Data Privacy Day, which occurred on January 28.

The impact of ransomware can be expensive and have far-reaching impacts. Omdia noted that the impact of the 2021 Colonial Pipeline attack in the US even shocked hackers, explaining that "the attackers appeared genuinely surprised by how much disruption had been caused, apologized and took the surprisingly low ransomware payment of around $4.5 million, some of which has since been recovered."

In a recent Light Reading podcast, Mike Frane, VP of product management for Windstream Enterprise, echoed concerns that ransomware will be on this rise in 2022: "We're going to see an increase in ransomware attacks, malware and exploits ... make sure your security is evolving as fast as your business model and your network."

On this episode of the Light Reading Podcast, Mike Frane provided his forecast for enterprise trends in 2022.

"Ransomware continues to be a scourge on society, not only making corporate data inaccessible until a ransom is paid (including personally identifiable information, or PII) but also threatening to expose this data if the ransom isn't paid," said Data Privacy Day report authors Maxine Holt, senior director of cybersecurity; and Bradley Shimmin, chief analyst of AI platforms, analytics and data management for Omdia, a research group that's part of Light Reading's parent company, Informa.

In years past, the threat of ransomware stemmed mainly from the potential loss of data – now bad actors often threaten to release sensitive data, in addition to holding data hostage.

"Now you not only lose access to your data but they can give it to other people … we've seen the commoditization of ransomware, giving out ransomware-as-a-service and how mature these marketplaces have become," Suzanne Widup, senior principal threat intel analyst for Verizon, told Light Reading in a recent podcast.

On this episode of the Light Reading Podcast, Verizon's Suzanne Widup provided insight into cybersecurity trends and shared key findings from the service provider's annual Data Breach Investigations Report (DBIR).

However, enterprises are increasingly placing more value on data protection – Omdia's annual IT Enterprise Insights Survey for 2021-22 revealed that management of security, identity and privacy is the leading IT trend for nearly 20% of organizations. Even though more organizations are recognizing the importance of data privacy and security, only 48% or enterprises have a fully developed or well-advanced approach to cybersecurity and digital risk, and 52% have a substantially inadequate approach, according to the survey.

To better protect their data, Holt and Shimmin encouraged organizations to focus on the information lifecycle (create, process, store, transmit and destroy) to identify which data should be protected and how and where it should be stored.

"Furthermore, classifying data appropriately is important as all data is not equal: some data will require strong protection and other data will not," said the authors. The use of artificial intelligence (AI) can also reveal data patterns that can alert organizations to potential threats."

Omdia analysts also recommend organizations regularly review and improve their strategies to protect against potential ransomware attacks and invest in AI tools to identify and respond to data privacy risks.

"AI techniques such as unsupervised deep learning (DL) can help organizations understand attack targets and vectors by encouraging observability across the data lifecycle," they explained.

— Kelsey Kusterer Ziser, Senior Editor, Light Reading

About the Author(s)

Kelsey Ziser

Senior Editor, Light Reading

Kelsey is a senior editor at Light Reading, co-host of the Light Reading podcast, and host of the "What's the story?" podcast.

Her interest in the telecom world started with a PR position at Connect2 Communications, which led to a communications role at the FREEDM Systems Center, a smart grid research lab at N.C. State University. There, she orchestrated their webinar program across college campuses and covered research projects such as the center's smart solid-state transformer.

Kelsey enjoys reading four (or 12) books at once, watching movies about space travel, crafting and (hoarding) houseplants.

Kelsey is based in Raleigh, N.C.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like