Assaults on infrastructure: Malware attacks shoot up 200% through midyear, reports IBM
- September 1, 2019: Vol. 6, Number 8

by Mike Consol

If you have noticed a recent uptick in cyberattacks targeting infrastructure and government facilities, you are not alone. Aside from utilizing more sophisticated capabilities, the attacks are coming at us with an alarming frequency.

Now, according to a new study by IBM’s X-Force Incident Response and Intelligence Services (IRIS) team, destructive attacks devised with an intent to wipe data and shut down critical systems have increased by a whopping 200 percent over the past six months.

IBM said 50 percent of the malware attacks were in the manufacturing, oil and gas, and education sectors. Most of the destructive attacks observed by the team have taken place in Europe, the United States and the Middle East.

The use of destructive malware and ransomware can cost affected organizations $239 million on average, the researchers said — 61 times costlier than the average cost of a data breach ($3.92 million), based on a report released by IBM Security in July. The severity of the incidents can translate to multinational companies losing access to as many as 12,000 devices, in addition to devoting at least 512 hours to incident response and remediation, researchers report, citing analysis of publicly disclosed cyberattacks.

The malicious code deployed in these cases can result in data loss, render enterprise devices inoperable, cripple device functions, and lock down systems in return for a ransom payment.

The cyber espionage group Strontium (also known as Fancy Bear or APT28) in particular has been notorious for its involvement in attacks against Ukrainian banks and infrastructure in June 2017.

While the use of such malware was restricted to state-sponsored hacking groups for bringing down geopolitical rivals, IBM researchers warn that, since late 2018, the attacks are expanding beyond nation-states. What’s more, cybercriminals appear to be incorporating destructive components, such as wiper malware — a class of malware that wipes the data from the computer hard drives it infects.

The findings are consistent with a recent report published by F-Secure that disclosed how organized criminal actors inspired by North Korean hacking groups are mounting a wide array of targeted cyberattacks against the global finance industry with an aim to steal data and sabotage trading systems.

 

Mike Consol (m.consol@irei.com) is editor of Real Assets Adviser. Follow him on Twitter @mikeconsol to read his latest postings.
