- Ransomware incidents in the UK fell sharply in volume, but successful compromises increased significantly year-on-year
- Attackers shifted to targeted, human-driven methods, with small businesses being disproportionately affected compared to large enterprises
- Outdated “zombie technology” and undetected breaches fueled millions of attack attempts, while data theft replaced file encryption as the primary extortion tactic
Last year, the amount of ransomware attacks in the UK fell by 87%. But before you pop the champagne and throw the confetti into the air, there’s another, more alarming statistic: the number of UK organizations successfully compromised actually rose by 20% year-on-year.
These figures are published by security researchers SonicWall. By measuring threats, their firewalls stop right when they try to enter a network, and the company revealed that ransomware actors were moving away from “spray-and-pray” techniques and towards a more targeted, human-driven “big game hunting” approach.
The same report states that smaller organizations were more likely to be targeted by ransomware, as it was present in 88% of SMB breaches, compared to 39% for large enterprises.
The article continues below
Zombie technology
SonicWall also said that almost all UK recorded incidents (96.7%) happened in England.
If there’s one thing we can point our finger at, it should be the “zombie-tech” crisis, the researchers explained. Many organizations run old, outdated and unsupported hardware, leaving gaping holes that cybercriminals can easily exploit. SonicWall said a single, decade-old flaw in a widely deployed Hikvision IP camera resulted in 67 million attack attempts nationwide.
The problem is only exacerbated by the fact that the majority of IT managers (80%) are confident that they can detect a breach within eight hours, even though the average attack remains unseen for a full 181 days. Automated threats as well as AI-enabled attacks have nearly doubled year-on-year, further escalating the risk.
These days, ransomware attacks rarely include encryptions that lock access to vital documents. Instead, cybercriminals are solely focused on data exfiltration and the threat of releasing stolen files onto the dark web. It is cheaper and easier to maintain, while being equally effective in terms of extorted funds.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
