The Department of Justice (DOJ) famously declared 2021 as the worst year for ransomware attacks, but it seems that title could be in 2022’s hands very soon.

Despite some rare wins in the war against hackers over the past 12 months from the governments seizure of $2.3 million in bitcoin paid out to the Colonial Pipeline hackers, to its successful disruption of the notorious REvil gang the ransomware threat continues to grow. Over the past few months alone, weve seen threat actors ramping up attacks against public sector organizations, including hospitals, schools, and in the case of Costa Rica, entire governments. The private sector is also battling a worsening ransomware threat, with attackers claiming a number of high-profile victims such as AMD, Foxconn and Nvidia.

Enable multi-factor authentication on everything you have.Katie Moussouris, founder of Luta Security


Founders of early stage startups will undoubtedly find it concerning to see even well-known organizations failing to protect themselves from ransomware despite their seemingly endless resources, particularly as its unclear exactly where these companies went wrong.

“It could be a zero-day or it could be a failure to implement multi-factor authentication (MFA) or an MFA bypass,” said Brett Callow, threat analyst at Emsisoft, during a panel discussion on the TechCrunch+ stage at Disrupt 2022. “There’s no standard answer, and that is what makes this problem so difficult to deal with.”