💰

European Union Agency for Cybersecurity (ENISA) Security Incident

May 2021 - June 2022 1560 days ago Resolved

Incident Overview

Situation Description

A report by ENISA analyzed 623 ransomware incidents across the EU, UK, and US from May 2021 to June 2022, highlighting shortcomings in reporting mechanisms and the significant impact of ransomware attacks.

Event Types

Ransomware

Industry Sector

nan

Geographic Scope

Global

Response Actions

Restored Systems from Secure Backups Refused to Pay Ransom / Extortion Notified Law Enforcement Shared Threat Intelligence Collaborated with Peers / Community

Impact Analysis

Event Types (1 identified)

Ransomware

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) Operational / System Data

Primary Impacts

Data Exposure Operational Disruption

Key Decisions Made

Strengthen resilience against ransomware by taking actions such as keeping updated, isolated backups and applying the 3-2-1 backup rule.; If a victim of a ransomware attack, contact national cybersecurity authorities or law enforcement, do not pay the ransom, quarantine the affected system, and visit the No More Ransom Project.; Share ransomware incident information with authorities to alert potential victims, identify threat actors, and support security research.

Technical Analysis

Attack Method

Unknown

Additional Information

Back to News News Item Jul 29,2022 The threat landscape report on ransomware attacks published today by the European Union Agency for Cybersecurity (ENISA) uncovers the shortcomings of the current reporting mechanisms across the EU. As one of the most devastating types of cybersecurity attacks over the last decade, ransomware has grown to impact organisations of all sizes across the globe. What is ransomware? Ransomware is a type of cybersecurity attack that allows threat actors to take control of the assets of a target and demand ransom for the availability and confidentiality of these assets. What the report covers This threat landscape report analysed a total of 623 ransomware incidents across the EU, the United Kingdom and the United States for a reporting period from May 2021 to June 2022. The data was gathered from governments' and security companies' reports, from the press, verified blogs and in some cases using related sources from the dark web. The findings and what they tell us Between May 2021 and June 2022 about 10 terabytes of data were stolen each month by ransomware threat actors. 58.2% of the data stolen included employees' personal data . At least 47 unique ransomware threat actors were found. For 94.2% of incidents, we do not know whether the company paid the ransom or not . However, when the negotiation fails, the attackers usually expose and make the data available on their webpages. This is what happens in general and is a reality for 37,88% of incidents. We can therefore conclude that the remaining 62,12% of companies either came to an agreement with the attackers or found another solution . The study also shows that companies of every size and from all sectors are affected . The above figures can however only portray a part of the overall picture. In reality, the study reveals that the total number of ransomware attacks is much larger. At present this total is impossible to capture since too many organisations still do not make their...

... (truncated for display)

Quick Facts

Company:: European Union Agency for Cybersecurity (ENISA)
Date:: May 2021 - June 2022
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: 29/07/2022

Source Information

Original Query

company "press release" "ransomware incident" remediation steps 2021

View Original Source

Timeline

Information Published

29/07/2022

Incident Occurred

May 2021 - June 2022 (1560 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats