
Business ransomware detections spiking - Malwarebytes

12 Aug 2019

Endpoint protection and remediation solution provider Malwarebytes has released the company’s latest quarterly threat report: Cybercrime techniques and tactics (CTNT): Ransomware retrospective.

This ransomware edition of the CTNT explores the shift in ransomware attacks from consumer targets to organisations, businesses, municipalities and beyond, breaking out attack vectors and trends region by region for an unprecedented view into ransomware behaviour.

In Q2 2019, cybercriminals renewed their ransomware focus on businesses: consumer detections were poised to dip below business detections of ransomware for the first time, a sign that cybercriminals are losing interest in individual targets as they look to higher-value opportunities.

Moving ahead into the second half of 2019, ransomware is expected to continue to evolve through manual and blended attacks with worm-like functionality, as well as more paired attacks with other malware families.

“This year we have noticed ransomware making more headlines than ever before as a resurgence in ransomware set its sights on large, ill-prepared public and private organisations with easy-to-exploit vulnerabilities such as cities, non-profits and educational institutions,” says Malwarebytes labs director Adam Kujawa.

“Our critical infrastructure needs to adapt and arm themselves against these threats as they continue to be targets of cybercriminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”

Highlights from the report include:

  • Overall ransomware detections against businesses between Q2 2018 and Q2 2019 have risen by 363%.
     
  • From 2018 to 2019, Malwarebytes saw a 235% increase in threats aimed at organisations from enterprises to small businesses, with ransomware as a major contributor.
     
  • Municipalities, educational institutions, and healthcare organisations became prime targets, likely because of legacy infrastructure, outdated hardware and software applications, and lack of security funding in these sectors.
     
  • Top ransomware families overall include: GandCrab, Ryuk, Troldesh, Rapid and Locky. For business detections there was a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88% over last quarter, while Phobos exploded 940% from Q1 2019.
     
  • The rise and alleged retirement of GandCrab leading into the emergence of Sodinokibi ransomware, another Ransomware as a Service (RaaS) using similar technical components.
     
  • Breakdown of ransomware by country (and state), with the US leading at 53% of detections, followed by Canada at 10% and the United Kingdom at 9%.