According to figures from Check Point Research, ransomware attacks are becoming increasingly rare. Attackers are now more focused on data exfiltration than destruction and chaos.

Ransomware: The word alone strikes fear among business leaders. Ransomware has been cybercriminals’ preferred attack technique for years, but that appears to be changing. Security firm Check Point Research has noted a significant decline in the number of ransomware attacks. Although there have already been millions of attacks this year, only two percent worldwide are ransomware. In Belgium it is only 1.7 percent.

Better secured

The decline in ransomware attacks is a cause for concern for security teams worldwide. Companies are much better protected today than they used to be, Check Point researchers find. Integrated rather than point-based security solutions and the introduction of AI into detection tools have brought significant improvements to defenders.

As a result, cybercriminals must constantly develop new attack methods in what can be an endless and exhausting cycle. Hackers eventually lose interest in ransomware in favor of simpler and equally lucrative forms of cyberattacks. Because carrying out attacks also costs them money and therefore has to be profitable.

Check Point assumes that ransomware will even disappear completely in the long term. Marco Eggerling, Global CISO: “I expect the more traditional ransomware approach to disappear on its own. Ransomware groups will bring about their own demise because infrastructure is expensive to manage. That’s why they now almost exclusively opt for a quick payout.”

The war is not over yet

The fact that ransomware is less common does not mean that attackers are taking it easy, on the contrary. The focus of attacks is shifting to exfiltrating data and threatening to make it public if the victim doesn’t pay. To protect yourself from this, Check Point recommends the following measures:

• Encrypt your data both “on site” and during processing.
• Back up your backups.
• Maintain dedicated key management for cloud-based data repositories to manage potential third-party risks.
• Maintain proper endpoint hygiene, particularly disk encryption and identity management.