Ransomware threat increasing but median pay-offs decreasing, report says
There was a significant growth in threats from ransomware over the past 12 months, according to a new report focused on data breaches. The report, compiled by Verizon, showed a 37 per cent increase in ransomware threats compared to the same period ending in 2024.
Ransomware is often broadly defined as a malware that is designed to deny users, businesses or organisations access to their online data stored on computers or servers. In a ransomware attack, data is often encrypted and criminals demand payment for the decryption key.
There was a silver lining, however: the median amount paid to ransomware groups decreased to about $115,000, compared to $150,000 in the prior-year period.
Another bright spot, according to the report, was that 64 per cent of ransomware victims did not pay the ransoms.
Forty-four per cent of ransomware victims, according to Verizon, were local US governments, but similar bodies and municipalities in Europe, the Middle East and Africa have been affected.
"The real story here is that not only are these government entities being targeted, but they are also the favourite of certain ransomware gangs," the report stated.
Alexander Ivanyuk, technology director at the Swiss cyber-security company Acronis, told The National that the findings offer businesses and other entities some teachable lessons.
"Ransomware preparedness needs to go beyond prevention," Mr Ivanyuk said. "Organisations should maintain reliable back-ups, test recovery procedures regularly and develop response playbooks that cover scenarios like extortion, encryption, and data theft."
Credential abuse
The report also shows that the use of stolen, leaked and illicitly obtained user names and passwords – generally referred to as credential abuse – is still a major problem.
Verizon describes credential abuse as "still the most common vector" for costly and damaging data breaches.
Marc Manzano, general manager of cybersecurity at SandboxAQ, a company that works with quantum technology and artificial intelligence, said the continuing problems around compromised credentials go beyond user names and passwords.
"Crucially, the report highlights the types of credentials being stolen and misused – API keys, cloud infrastructure secrets, development pipeline tokens," he said.
Mr Manzano said cyber criminals were more quickly using technology and techniques, new and old, to identify and take advantage of security weaknesses.
"It specifically calls out the alarming speed – often zero days – at which edge device and VPN vulnerabilities are weaponised," he said.
"This underscores the absolute necessity for robust management of cryptographic assets and their dependencies, particularly for securing the machine-to-machine communications that rely on these edge systems."
Morey Haber, chief security adviser at cyber-security company BeyondTrust, echoed Mr Manzano's observations.
"This surge underlines the urgent need for stronger identity security measures," he said. Mr Haber stressed that the analysis shows the risks from employees using their own computers and devices to access work data.
"Nearly half of all compromised credentials are linked to bring-your-own-device environments and systems outside formal policy and governance, suggesting that corporate-managed systems offer stronger protection."
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Post
24-05-2025
- Arabian Post
Switzerland Approves GNU Taler for Digital Payments
Switzerland has authorised the deployment of GNU Taler, a privacy-focused digital payment system, marking a significant development in the nation's transition towards a cashless economy. Taler Operations AG, the entity responsible for operating the system in Switzerland, will collaborate with Maerki Baumann Bank to facilitate transactions in Swiss francs . GNU Taler, an acronym for 'Taxable Anonymous Libre Electronic Resources,' is designed to offer privacy for payers while ensuring transparency for recipients. This dual approach aims to protect individual privacy without compromising regulatory compliance. Unlike blockchain-based systems, GNU Taler does not rely on distributed ledger technology, thereby avoiding the energy consumption and scalability issues associated with cryptocurrencies. The Swiss National Bank has been proactive in exploring digital payment solutions. In June 2024, the SNB conducted a live monetary policy operation using distributed ledger technology as part of Project Helvetia III, issuing digital SNB Bills settled in wholesale central bank digital currency . This initiative demonstrated the feasibility of implementing monetary policy on a DLT-based infrastructure. ADVERTISEMENT Switzerland's commitment to digital payments is further evidenced by the launch of an instant payments system in August 2024. Approximately 60 financial institutions, covering over 95% of Swiss retail payment transactions, are now capable of processing instant payments. The SNB aims for all financial institutions involved in retail payments to adopt this system by the end of 2026. GNU Taler's integration into Switzerland's financial ecosystem aligns with the country's broader strategy to embrace innovative payment technologies. The system's emphasis on privacy and compliance positions it as a viable alternative to existing digital payment methods. Its adoption could influence the development of central bank digital currencies and other privacy-preserving payment solutions globally. The system has already seen practical applications. At Bern University of Applied Sciences, students can use GNU Taler to make purchases from vending machines. Additionally, the Austrian National Bank has recommended GNU Taler as a model for the digital euro, highlighting its potential for broader adoption within the European Union.
Arabian Post
22-05-2025
- Arabian Post
Bitcoin Suisse Secures Abu Dhabi Licence in Strategic Middle East Expansion
Bitcoin Suisse, a pioneering Swiss crypto-financial services firm, has obtained regulatory approval to operate in Abu Dhabi, marking its inaugural venture beyond Europe since its establishment in 2013. This development underscores the United Arab Emirates' emergence as a magnet for global digital asset enterprises. The Abu Dhabi Global Market , the emirate's international financial centre, granted the licence, enabling Bitcoin Suisse to offer its suite of crypto services within the region. This move aligns with the company's strategy to tap into the Middle East's burgeoning demand for regulated digital asset solutions. Andrej Majcen, CEO of Bitcoin Suisse, emphasized the significance of this expansion, stating that the company's Swiss heritage and decade-long experience position it well to serve the Middle Eastern market. He highlighted the UAE's progressive regulatory framework and its commitment to fostering innovation in the financial sector as key factors influencing the decision. ADVERTISEMENT Abu Dhabi has been proactive in establishing itself as a hub for digital assets, attracting a slew of international crypto firms. The ADGM's introduction of comprehensive digital asset regulations in 2018 has been instrumental in this regard, providing clarity and fostering investor confidence. Several notable crypto entities have set up operations in Abu Dhabi, including Standard Chartered-backed Zodia Markets, which received regulatory approval to operate as a virtual asset brokerage. Similarly, Singapore-based custody provider Liminal secured permission to offer its services in the region, reflecting a broader trend of global crypto firms gravitating towards the UAE. The UAE's appeal lies not only in its regulatory environment but also in its strategic location and robust infrastructure. The government's initiatives to diversify the economy and invest in fintech have created a conducive ecosystem for digital asset companies. Bitcoin Suisse's entry into the Abu Dhabi market is expected to catalyze further growth in the region's digital asset sector. The company's comprehensive offerings, ranging from trading and custody to staking and tokenization, will cater to a diverse clientele, including institutional investors and high-net-worth individuals seeking regulated crypto services. This expansion also signifies a broader shift in the global crypto landscape, with firms increasingly seeking jurisdictions that offer regulatory clarity and support for innovation. The UAE's proactive stance positions it as a leading destination for such enterprises, potentially setting a benchmark for other regions aiming to attract digital asset businesses.
Al Etihad
21-05-2025
- Al Etihad
Bitcoin Suisse to commence operations in Abu Dhabi
22 May 2025 01:24 ABU DHABI (ALETIHAD)Bitcoin Suisse, Switzerland's premier crypto financial services provider, is about to commence its operations in Abu Dhabi. In a statement, the company said its subsidiary, BTCS (Middle East) Ltd., has received In-Principle Approval (IPA) from the Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM).The approval enables Bitcoin Suisse to move closer to offering fully regulated crypto financial services in ADGM's internationally recognised regulatory environment. The firm intends to provide services including trading of virtual assets, crypto securities and derivatives, as well as local custody solutions for both private and institutional clients."This milestone represents a significant step forward in Bitcoin Suisse's strategic expansion, reinforcing its commitment to regulatory compliance, financial innovation, and global growth," the statement Majcen, Head of Global Expansion and designated Senior Executive Officer of BTCS (Middle East) Ltd., said, "The IPA reflects our strong commitment to maintaining the highest standards of transparency, security, and regulatory compliance. Abu Dhabi, one of the Middle East's fastest-growing financial centres, presents a compelling opportunity for growth. We look forward to working closely with the FSRA to obtain our full licence."Bitcoin Suisse has earned a reputation as a trusted and compliant crypto financial services provider. With more than $6 billion (Dh22.2 billion) in assets under custody and $2.6 billion (Dh8.9 billion) in institutional staking services, the firm ranks among the world's largest custodians and staking platforms. Its service model is known for its precision, security, and client-centric approach, built over a decade of Swiss-based Ramamurthy, Chief of Market Development at ADGM, welcomed the development, "ADGM congratulates Bitcoin Suisse on receiving its IPA from the FSRA of ADGM. Their expansion plans to the region to provide regulated crypto financial services within the international financial centre is a testament to the immense opportunities available within Abu Dhabi. We look forward to Bitcoin Suisse receiving their Financial Services Permission (FSP) and their contribution to ADGM's dynamic ecosystem." "By entering ADGM, Bitcoin Suisse plans to leverage the UAE's progressive and globally acknowledged virtual asset framework to enhance its regulated service offerings," the statement said. Source: Aletihad - Abu Dhabi
