Ransomware attacks on Poland surge by 37% in second half of 2024

Ransomware attacks targeting Poland increased by 37% in the second half of 2024 compared to the first half, according to a Threat Report by ESET analysts. This surge elevated Poland’s global ranking as a target for ransomware attacks to 7th place, up from 13th earlier in the year.

The report identified the United States (9.2% of global attacks), Russia (7.8%), and China (7.4%) as the top three countries targeted by ransomware, with Poland accounting for 4% of worldwide attacks in the second half of 2024. This is up from 2.3% in the first half. Analysts noted that Poland’s strategic role as part of NATO’s eastern flank amid regional tensions, particularly concerning Ukraine, makes it a prime target.

ESET analyst Kamil Sadkowski explained the ransomware process, stating, “Cybercriminals scan the internet daily for vulnerable systems. They target those with the highest likelihood of yielding a ransom, infiltrating networks, stealing and encrypting data, and then demanding payment from companies and institutions.” He emphasized that attacks often begin subtly, such as through infected email attachments or fake websites mimicking legitimate ones.

The lack of cybersecurity training among employees exacerbates the problem. Sadkowski noted that 52% of employees have not participated in any cybersecurity training in the past five years, leaving organizations exposed to threats.

Data from the report “Cyberportrait of Polish Business: Digital Security Through the Eyes of Experts and Employees,” cited by ESET, revealed that 88% of companies surveyed experienced a cyberattack or data leak in the past five years. Ransomware accounted for 18% of these threats, ranking just behind phishing (34%) and attacks on Wi-Fi networks (22%).

The lack of awareness among employees about ransomware is particularly concerning. Only 19% of Polish employees are familiar with the term, leaving over 80% potentially unable to recognize or respond to such threats. According to Paweł Jurek, Business Development Director at DAGMA IT Security, this lack of awareness benefits cybercriminals. “Ransomware attacks are a win-win for criminals. If the victim pays the ransom to resolve the issue quickly and avoid reputational damage, the criminals profit. If the organization refuses to pay, the stolen data is often sold on the darknet, ensuring another source of profit.”

The rising frequency and impact of ransomware attacks highlight the urgent need for increased cybersecurity measures and training to protect organizations and individuals in Poland.

Source: ESET and ISBnews