Bulletins

Verizon: Ransomware involving data theft was up sharply last year

While ransomware involving data theft used to be relatively rare, 2021 was a turning point for the tactic, the head of Verizon's threat research team told Protocol.

Verizon: Ransomware involving data theft was up sharply last year
Markus Spiske / Unsplash

Last year saw a notable jump in ransomware attacks that included exfiltration of data as a component, highlighting an ongoing shift in the way the attacks are monetized, according to Verizon's major annual breach report.


As in past years, the Verizon 2022 Data Breach Investigations Report aims to take a more-comprehensive look at the cyberattack landscape by incorporating findings from a range of organizations, both public and private. The 87 contributors to this year's report include the FBI, CISA, CrowdStrike, Palo Alto Networks, Proofpoint, Dell and many other companies, in addition to a number of teams within Verizon. The study, now in its 15th year, analyzed 5,212 confirmed breaches and 23,896 security incidents overall for 2021.

Ransomware attacks that included data exposure grew 13% in 2021 compared to the previous year, the Verizon report shows. For a study with such a large sample size, that is a significant increase that points to a shift in how attackers are operating, said Chris Novak, managing director of the Verizon Threat Research Advisory Center.

By comparison, ransomware attacks in which data was exposed had climbed just 6% in 2020, year-over-year, which itself was deemed a large increase at the time.

Ransomware rarely involved data theft in its early days, but "now the majority of ransomware events include an element of the threat actor taking and exfiltrating the underlying data," Novak told Protocol.

In part, that's a response to the fact that many companies can now restore data from backup in the event of a ransomware attack, leading the victims to be less likely to pay a ransom demand, he said. When the theft of sensitive data is involved, the likelihood of paying a ransom goes up significantly, Novak said.

While an NSA cybersecurity official recently suggested that sanctions against Russia have contributed to a decrease in ransomware attacks in 2022, Novak said it's hard to say whether this will be indicative of a longer-term trend when it comes to ransomware. Due to the financial windfalls associated with ransomware, "I'm not a believer that it's going to be staying down, or going away," he said.

Latest Bulletins

Goldman Sachs has joined efforts to assist the ailing crypto lending company Celsius, in what would be the biggest effort yet by a traditional financial institution to jump in amid a broad crypto crash. Several large crypto hedge funds, lending companies and brokerages have sought funding or credit amid a liquidity crunch in recent days.

Keep Reading Show less

Los Angeles could become the first major city in the country to ban the construction of new gas stations because of the climate crisis.

Keep Reading Show less

A handful of Sony's internal game development studios have issued public messages of support for abortion rights and condemnations of the U.S. Supreme Court's overturning of Roe v. Wade on Friday.

It's a notable shift for PlayStation, after Sony Interactive Entertainment CEO Jim Ryan told staff in May to "respect differences of opinion" on reproductive rights following POLITICO's disclosure of details from a leaked draft opinion in early May.

Keep Reading Show less

Yelp is closing its New York, Chicago and Washington, D.C., offices as the company embraces remote work.

Keep Reading Show less

Netflix is laying off hundreds of workers in its second round of layoffs in roughly a month, according to a report from CNBC on Thursday.

Keep Reading Show less

Instagram is testing using facial analysis tools to verify age on the platform, Meta announced in a blog post Thursday.

Keep Reading Show less

EBay was once known as a marketplace for trendy collectibles like Beanie Babies. Now it’s going deep into the new world of NFT digital collectibles.

Keep Reading Show less

TikTok made several new commitments to its advertising and consumer practices, promising to better protect children from hidden ads and inappropriate content. The platform's new pledges come after a complaint filed in February 2021 from the European Consumer Organisation that alleged TikTok broke EU consumer rules.

Keep Reading Show less

Meta has agreed to settle a long-standing lawsuit filed by the Department of Housing and Urban Development alleging discrimination in Facebook's housing ad system. As part of the settlement, Meta vowed to change the way ads for housing, as well as employment and credit opportunities, are delivered on its platforms, and to pay a $115,054 fine.

"Discrimination in housing, employment and credit is a deep-rooted problem with a long history in the US, and we are committed to broadening opportunities for marginalized communities in these spaces and others," Roy Austin Jr., Meta's vice president of civil rights, wrote in a blog post.

Keep Reading Show less

Crypto lender BlockFi has secured a $250 million revolving credit line from FTX, a deal that comes as a broader market meltdown has forced other lenders to freeze withdrawals.

Keep Reading Show less

The solar panel market is a mess. An ill-timed Commerce Department probe has wrought uncertainty beyond the already-fraught supply chain, but at least some U.S. developers are trying to right the ship a bit.

Keep Reading Show less

Microsoft will remove controversial automated tools that predict a person’s age, gender and emotional state from its Azure Face API artificial intelligence service that analyzes faces in images, according to a report published by The New York Times on Tuesday.

Keep Reading Show less

Copilot, GitHub's AI code suggestion tool, is now available for everyone, the company announced on Tuesday. Anyone can use the pair programmer for $10 a month or $100 a year. It will be free for students and organizers of popular open source projects.

Keep Reading Show less

DocuSign CEO Dan Springer is stepping down, the company's board of directors announced Tuesday, and Chairman of the Board Maggie Wilderotter will fill in as interim CEO during the executive search process. Springer's resignation comes on the heels of slowing growth for the e-signature giant.

Keep Reading Show less

TikTok is now routing all of its U.S. user traffic to Oracle's cloud infrastructure services, in a bid to allay U.S. regulators’ concerns about data integrity on the popular short video app given its Chinese ownership.

Keep Reading Show less

Bye-bye, Lighting port. Senate Democrats called on the Commerce Department to implement a common charging port for smartphones.

Keep Reading Show less

SpaceX employees called Elon Musk's behavior a "distraction and embarrassment" in an open letter circulated this week. The company is now firing those involved with writing and circulating it, according to The New York Times.

Keep Reading Show less

Binance.US is about to announce it has raised more funding in a sign of continued investor interest despite the crypto downturn, CEO Brian Shroder told Protocol.

Keep Reading Show less

Elon Musk met with Twitter employees Thursday, and it went exactly how you'd think it would go.

Keep Reading Show less

If you’re heavily invested in dogecoin, it’s likely for one of two reasons: You’re either a very-online crypto day trader who is willing to spend money on fun, speculative investments, or you’re a die-hard fan of Elon Musk. Now, an investor is suing Musk and his companies Tesla and SpaceX for claims that he was part of a scheme to pump the value of dogecoin.

Keep Reading Show less

Circle is about to issue a second stablecoin, this one pegged to the euro. The euro coin, or EUROC, will become available on June 30, the company announced Thursday.

Keep Reading Show less

The European Commission's long awaited Code of Practice is finally here — and it has some giant names attached.

Keep Reading Show less

A new blog post from Kraken titled “Kraken Culture Explained” has sparked heated discussions on diversity in the workplace. CEO Jesse Powell just doubled down in a Twitter thread claiming that the arguments over culture were stifling Kraken's productivity. "Most people don't care and just want to work," Powell tweeted as part of a long thread, "but they can't be productive while triggered people keep dragging them in to debates and therapy sessions."

Keep Reading Show less

Mapbox has just been slapped with a complaint from the National Labor Relations Board that alleges the company's leadership threatened job loss in retaliation for union organizing and then fired union organizers after the unionization vote failed last summer.

Keep Reading Show less

DeFi lender Celsius has hired law firm Akin Gump Strauss Hauer & Feld to help keep the company afloat, sources told The Wall Street Journal on Tuesday. The company halted trading and withdrawals earlier this week amid what it called “extreme market conditions.”

Keep Reading Show less
Bulletins