Sophos said the commercialization of cybercrime drove an uptick in nearly all types of cyberattacks in 2022 and the result is a booming malware economy where no organization is immune to cyberthreats.
After stumbling upon a surface website mimicking the real criminal underground site Genesis, Sophos researchers further uncovered the 20 fake marketplaces dating back to August 2021.
The report also reveals how attackers use classic techniques — some decades old, such as typosquatting, phishing, backdoored malware, and fake marketplaces — to carry out their scams against each other.
In 2019, ransomware attacks were already a prominent and persistent threat for organizations across several industries. Although the pandemic lockdowns in 2020 initially affected the volume of activities carried out by ransomware criminals, attributed mainly to restrictions in mobility and access to resources, these malicious actors quickly bounced back and even breached pre-pandemic levels in 2021.
Philippine companies paid $1.6 billion on average through the nose for ransomware attacks in 2022, making the country the third most-extorted by ransomware in the world next only to Japan and the Netherlands, according to cybersecurity firm Sophos.
Education institutions faced the highest data encryption rate (73%) compared to other sectors (65%), and the longest recovery time, with 7% taking at least three months to recover – almost double the average time for other sectors (4%).
The Sophos survey showed that 95 % of Philippine companies agree their biggest security challenge in the next 24 months will be the awareness and education of employees and leadership.
