Lee Ellams
April 19, 2023

Barracuda 2023 Ransomware Insights: Prevalence, Impact, and Mitigation Strategies

Barracuda, a worldwide leader in Security, Application Delivery and Data Protection Solutions, has recently released its 2023 ransomware insights.

The report reveals the prevalence and impact of ransomware attacks on organisations around the world and provides details of the steps your business can take to mitigate the risk.

Based on the data from 1,350 IT decision makers, the report revealed 73% of the organisations involved in the research had experienced a successful ransomware attack in 2022.

The fact that multiple successful attacks are possible suggests that security gaps are not fully addressed after the first incident.

In most of these instances, email remained the primary vector for attacks, accounting for 69% of such occurrences. Nonetheless, this figure varies depending on the sector, with consumer services more likely to suffer an attack originating from web traffic or web applications.

Alarmingly, the report also revealed that 38% of the organisations that experienced a successful ransomware attack, were then targeted again, multiple times.

While ransomware is not a new cybersecurity risk, it continues to be one of the most pervasive threats businesses face, with criminals continuously devising new and creative tactics to evade detection and extort victims.

Repeat victims are more likely to pay the ransom to recover encrypted data

The Barracuda report emphasises the need for companies to invest in multi-layered, integrated security solutions to protect their growing attack surface from these constantly evolving threats.

It also outlines the top cybersecurity areas to prioritise in order to reduce the risk and vulnerability to ransomware and other cyber-attacks, such as:
  • Implement measures to secure credentials. This requires a two-pronged approach – investing in detection and response tools, and training users.
  • Invest in email protection technology that is capable of detecting malicious payloads delivered through links or attachments, and also recognises when attacks use advanced social engineering tactics designed to bypass filters and fool users. Look for email security solutions that integrate machine learning technology to detect social engineering attacks more accurately, as these solutions can identify even the smallest deviations from usual communication patterns.
  • Educate employees on how to recognise and report suspicious emails. Utilise tools like phishing simulation to test the effectiveness of any training.
  • Secure access to accounts, applications, and networks using multifactor authentication (MFA). Despite its effectiveness, attackers have been finding ways to get around MFA, so consider adopting a Zero Trust access strategy that verifies users and devices continuously and only allows the right users to access the right resources.
  • Secure web applications like file-sharing services, web forms, and e-commerce sites. Invest in API-based application security and a next-generation web application firewall to block advanced threats, such as zero-day attacks, and provide network segmentation to prevent lateral movement within the network.
  • Back up data and ensure it is securely isolated, even in the cloud. Regularly test the backup recovery process to confirm it works.
  • Stay up to date with the ever-evolving threat landscape, including the latest attacker behaviours and tools. Investigate any anomalies or suspicious behaviour. If lacking the resources to do this, consider an outsourced Security Operations Centre, which can monitor the network 24/7 and investigate any anomalies.

To read Barracuda’s full report simply click here.

At TIEVA, we are proud to work in close partnership with Barracuda to provide our customers with the most effective solutions to help combat cyber threats, such as Ransomware. If you have worries concerning the security of your business or would like to have a chat about how we can help you to upgrade your level of protection, please don't hesitate to get in touch with our cyber security experts right away.

Sub-header icon