One of the prevalent themes we discuss on The Virtual CISO Moment podcast is ransomware – who is using it, who is targeted, and trends. That’s because ransomware is a very prevalent threat. I ask each weekly podcast guest what the most prevalent infosec threat is to SMBs and the majority (I’d guess north of 80%) say ransomware.

According to several articles that I have discussed on the Monday and Friday episodes, the trend for ransomware appears to have eased after 1Q 2022. Is this indicative of a permanent slowdown and therefore a cause to rejoice? Likely not. A prevalent theory is the ransomware groups have temporarily focused more on geopolitical operations, much related to the Ukraine-Russia war. Some have postulated that it’s because of vacation – northern hemisphere cyber criminals need tie off, too.

Of course, ransomware operation has also changed. Now it’s not just (or even) about encryption and paying a ransom for the decryption key. Often the ransom is in exchange for a promise that the exfiltrated information won’t be released.

I’m of the camp that ransomware activity will pick up in the northern hemisphere fall. Stay tuned.