The latest data from Malwarebyte’s report Cybercrime Tactics and Techniques: Ransomware Retrospective shows businesses are at risk of ransomware attack now more than ever.
Cybercriminals have been shifting focus over the last 12 months. With consumer ransomware detections down 12% in 2019 over 2018, it’s evident the bad guys are losing interest in trying to get small amounts of money from a large number of victims.
According to the Malwarebyte’s report, material declines in consumer ransomware detections occurred around the same time as very material increases in detected business ransomware attacks.
It’s no surprise, given the number of ransomware attacks on governments and municipalities recently in the news. These attacks are bent on taking entire organizations down, rather than the traditional small number of systems.
A number of old ransomware families have been updated and are on the rise, according to the report:
- GandCrab – now offered as Ransomware-as-a-Service (RaaS), GandCrab detections have grown 88% from Q1 to Q2 of this year.
- Ryuk – Around since last August, detections of this ransomware have grown 24% year-over-year.
- Locky – The ransomware that won’t die, Locky has been around since 2016 and detections of this family were up a whopping 319% year-over-year!
- A fully automated strain of Megacortex is also up and coming.
Ransomware has gone full-on “scorched earth” mode, with attacks taking down businesses and government offices for weeks at a time. The growing popularity of RaaS gives anyone the ability to become a cybercriminal with no skills whatsoever. So, organizations need to take these growth numbers as a serious leading indicator that we’re going to be seeing a lot more of ransomware.
Your primary defense against ransomware remains with a focus on the interaction of your users and their email. Email scanning and endpoint protection solutions can address the email side of things. Security Awareness Training can help elevate a user’s understanding of their role in the organization’s security, and how to avoid falling for phishing and social engineering scams intent on delivering ransomware.