The only way is up (for ransomware gangs)...

Last month, we recorded the highest number of ransomware attacks this year so far–93 confirmed attacks (and counting) and a further 443 new unconfirmed claims from ransomware gangs. This total of 536 far exceeds the monthly average of 425 witnessed from January to October.
​
(Our visualized map of ransomware attacks in the US is enough to cause heartburn).

RansomHub claimed the most attacks throughout November with 90 unconfirmed and five confirmed attacks. With 19 unconfirmed victims claimed this month already, can it keep its crown this month?

Well, new ransomware gang Funksec has accepted the challenge, having just claimed 13 victims. As with all new gangs, however, the authenticity of these claims remains to be seen with none confirmed at the time of writing.
​
(Here for the IT downtime calculation? Skip down to the bottom!)

Black Basta shrouds companies in darkness

After a couple of quieter months, Black Basta has cast a dark cloud over a number of companies throughout October and November. It added 26 victims to its data leak site during these two months before adding a further nine this week. Among its confirmed victims since October are BT Group (one of the UK’s largest telecom companies), three Italian companies (ISA S.p.A., NIER Ingegneria S.p.A., and Snatt Logistica S.p.A.), three US companies (Rockport Mortgage Corporation, Medica Corporation, and Instinct Pet Food) and German frozen food manufacturer, Vossko.

​
Thanks to the gang’s usual double-extortion tactic (encrypting systems and stealing data), these attacks have led to data breaches (1,909 people were impacted by the breach on Instinct Pet Food) and crippling downtime (Snatt Logistica S.p.A. saw three days of total shutdown with some workers being laid off for nearly a week).

Read more about how Black Basta's acts like a Bast***

Fresh off the packing line – our in-depth report on ransomware in the manufacturing sector

If there’s one industry that can ill-afford downtime, it’s manufacturing. But as our report this week found, ransomware attacks on the manufacturing sector have increased over the last year or so.

From average ransom demands of $10.7 million to the average company suffering costs of $1.9 million per day of downtime, the cost of these attacks can have such far-reaching consequences that businesses are forced to shut down for good.

Read more about the manufacturing sector's ransomware woes

Don’t let ransomware bring your company down(time)

Downtime is something best reserved for hardworking Net Admins like yourself, not for your IT infrastructure. Acronis found that the average company experiences around 455 hours of cybersecurity-related downtime. If time is money, that’s a huge expense. According to Pingdom (a Solarwinds company), you can quickly calculate that cost for yourself.
​
​Here’s the formula:

Downtime Cost = Minutes of Downtime x Cost per Minute​
​
Costs vary per industry, but let’s take healthcare, where the cost per minute is $10,600. This formula gives us: $10,6000 x 60 = $636,000. PER HOUR. Yikes. Now multiply that by 450.
​
If you just died a bit on the inside, we’re right there with you. Ransomware sucks, and it causes significant downtime. Simple as that. SIEM, intrusion detection systems (IDS), and uptime monitoring software are your best bet here to avoid those exorbitant costs.
​
Or, you know. YOLO. (Please don’t YOLO on this one.)
​
​Until next week. Let’s keep that zero-day count at zero!