BlackFog CEO Dives Deeper Into Recent State of Ransomware Report

BlackFog, a leader in data security and anti-data exfiltration, provides a free ransomware report which is updated monthly with key developments and trends, with August findings pointing to an increase in attacks on the public sector.

The latest iteration went live today: BlackFog State of Ransomware Report.


Report Key Findings:

  • August saw 21 total reported ransomware attacks

  • Government and healthcare have been the hardest hit sectors this month, experiencing 21% and 15% increases, respectively.

  • The United States continues to be the dominant target with 45% of attacks targeting the country this past month.

  • Data exfiltration continues to be the main threat with 81% of all attacks now threatening to exfiltrate data.

We spoke with Dr. Darren Williams, CEO and Founder, BlackFog, to discuss the report's findings in greater depth and what organizations should be doing to defend against the threat of ransomware.


How is ransomware trending over the past 3 months?

The past 3 months have seen all time records in ransomware year over year with a 55% increase in attacks. 2021 has surpassed 2020 every month of the year through August. What are the most staggering findings from your report? Did anything surprise you?

Beyond the sheer volume of attacks the government and education sectors are already approaching 2020 levels and there is still 4 months to go. The USA still represents almost half of all attacks globally. Most striking is that REvil attacks are almost 50% higher than last year and reflects the success this group has been having with attacks. What has changed in terms of ransomware preparedness and education since Colonial Pipeline? Are more organizations taking it seriously or is this another situation where orgs only care when ransomware is in the news? There is definitely a much more heightened awareness about ransomware and cyber threats generally. There is a higher degree of interest in new approaches to solving this problem beyond typical perimeter defense and a recognition that existing solutions are just not working. We are seeing much more interest in anti data exfiltration to prevent the attack and data loss. There is a U.S. ransomware bill in the works. Do you think government guidance will help or is it all up to organizations to take control of their preparedness and response to ransomware? Government guidance can definitely help, but ultimately it's up to each individual organization to put in place the right security protocols. The consequences associated with deficient practices has been felt with several companies now being sanctioned by the SEC.

We expect that C level executives are reassessing their practices with the risks becoming even higher not only through direct fines but with losses associated with business disruption, extortion, espionage and class action lawsuits, to name just a few.


###