Ransomware Attacks on the Low in 2018
Verizon Enterprise examined data breaches continually based on which they provide an annual report release the “2018 Data Breach Investigations Report (DBIR). According to the stats, more than 53,000 incidents, 2,200 of which were significant data breaches, have been encountered within 2017.
The report indicates ransomware attacks as the number 1 threat. The steady increment of crypto and lock ransomware attacks has been observed since 2010, though the numbers of attacks were not that shocking as they currently are. According to Economia ransomware activity has increased 2,000% since 2015, especially the attacks on businesses. By October 2017, cybersecurity experts recorded 33,871 incidents of crypto-malware attacks. Within the ten-month period, the ransomware prevalence increased by 62% percent in comparison to 2016 and 2015.
Augmentation of ransomware industry is fostered by easy exploitation of critical security breaches in business systems said Bryan Sartin, executive director security professional services at Verizon. He added, “What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here.”
The Kaspersky Lab report also illustrates the fact that ransomware developers are targeting business services. Within 2017 alone, the ransomware attacks targeting business sector increased by 4 percent (from 22.6 percent in 2016 to 26.2 percent in 2017). Naturally, it’s easier to cause huge damage to business and force authorities to pay huge sums of redemptions.
Nevertheless, as Bryan Sartin claims, companies fail to protect their data properly and, therefore, have to experience both data and money loss. Fedor Sinitsyn, Kaspersky Lab senior malware analyst, adds to the subject: Business victims are remarkably vulnerable, can be charged a higher ransom that individuals and are often willing to pay up to keep the business operating.
The Attacks grow, but hackers in denial
Although in general, ransomware as a cyber-threat tops chart of cyber incidents, some changes regarding the development of new ransomware families and their distribution have been revealed.
In 2017 showed off a decline in the development of new ransomware families, this according to Kaspersky. Tend Micro counted 50 new ransomware families created in the first five months of 2016. In the meanwhile, the development of new families dropped almost by half, from 62 in 2016 to 38 in 2017
However, interpreting these numbers as a decline of ransomware is not correct. Despite the loss, the fact that less new ransomware families emerged, the already existing versions have been modified actively turning ransomware to agile infections. While in 2016 released versions were improved 54,000 times, the number in 2017 almost doubled exceeding 96,000 cases.
Since the beginning of 2018, we haven’t yet experienced a single massive ransomware outbreak as we had in 2017, including WannaCry, NotPetya, Locky, and other worldwide attacks.
According to ZDNet Instead of releasing new ransomware versions, hackers patch the critical vulnerabilities of the existing ones and reappear with new strength.
Predictions in 2018
However, it is expected that ransomware may switch the target from home users to industries like healthcare. The bulk of security experts believes that data breaches and ransomware attacks are going to rise. They also agree that ransomware prevalence may decline throughout 2018 due to defense improvements.
Experts also claim that the rise of smaller ransomware families may show off. As we have already pointed out, ransomware outbreaks like WannaCry, Locky or Cerber are not that common. Nevertheless, the growth of small crypto-ransomware families manifesting for a week or moth (.java file extension virus, Arrow ransomware, GandCrab ransomware, etc. have been observed.
Ransomware as a service (RaaS) is also expected to remain popular this year. As one of the best RaaS, it emerged at the beginning of 2018 is GandCrab. Since January, it has managed to infect 50,000 devices located in the US, UK, Scandinavia, Australia, and Israel mainly, and collect more than 600,000 USD. Currently, it’s nominated as the most prominent bidder and the most aggressive ransomware this year. Experts claim that crooks may try to echo GandCrab success; thus RaaS rise is expected.
Ransomware remains as one the biggest cyber dangers. Home users can protect themselves by practicing secure behavior on the net, i.e., staying away from illegal websites, no clicks on suspicious content, spam filters, professional anti-virus always updated, etc. Organizations should invest more money in the protection software and hire professional IT experts to ensure a proper data security.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.