Cybersecurity research has demonstrated an intense rise in the number of successful ransomware attacks originating from unregulated devices. Microsoft's latest Digital Defender Report 2023 revealing that between 80 to 90 percent of such cases arise from unmanaged hardware. Unfortunately, these are typically personal devices brought into workplaces operating on a Bring Your Own Device (BYOD) policy, well-known for their lack of adequate security protocols. The report further outlined a staggering increase of more than 200 percent in global ransomware attacks.
BYOD – A Controversial Approach to IT
While BYOD has previously been underscored as a problematic approach to organizational IT, some still perceive its merits. The UK's National Cyber Security Centre (NCSC), for instance, acknowledges the benefits of associating employees with familiar IT, leading to operational overhead reductions. The NCSC stresses the important balance between personal device management and preserving security-consciousness for a successful BYOD policy. High attack success rates from unmanaged devices, as evident in the latest Microsoft data, could likely ignite further discussions regarding the feasibility of such practices in contemporary establishments.
Human-Operated Ransomware Attacks on the Rise
The threats amplified by the implementation of BYOD policies are bolstered by the substantial surge in ransomware incidents recorded this year. Microsoft finds that human-operated ransomware attacks, where cybercriminals tactfully infiltrate organizations to conduct internal attacks, have increased by over 200 percent since September 2022.
It's worthy to point out that despite the significant rise in ransomware attack attempts, the data suggests a relatively low success rate with only 2 percent of the said attacks leading to the successful application of ransomware against victims. This implies that robust security policies can effectively defend organizations against modern assailments.
The Microsoft Digital Defense Report 2023 also anticipates a continued growth of attacks into 2024 primarily due to the increase in Ransomware-as-a-Service (RaaS) affiliates. The majority of such attacks in June 2023 were executed by a group of familiar affiliates rising at 12 percent year-on-year particularly associated with leading RaaS organizations including Magniber, LockBit, Hive, and BlackCat. These groups accounted for an astounding 65 percent of all ransomware incidents globally last year, with automated variant Magniber responsible for over 20 percent of successful attacks.
Consequently, Microsoft advocates for the implementation of zero-trust and least-privilege measures, alongside having effective backups and deploying solutions that can detect and autonomously remediate based on known signals to avert these steadily escalating threats.