Malwarebytes reports staggering 363% spike in business ransomware detections

Malwarebytes, the advanced endpoint protection and remediation solution developer, has issued its latest quarterly threat report. Entitled ‘Cyber Crime Techniques and Tactics: Ransomware Retrospective’, this in-depth ransomware edition explores the shift in ransomware attacks from consumer targets through to organisations, businesses, municipalities and beyond, breaking out attack vectors and trends region by region for what’s described as an “unprecedented view” into ransomware behaviour.

As we approached Q2 2019, cyber criminals renewed a ransomware focus on businesses as consumer detections were poised to dip below business detections of ransomware for the first time. This could be deemed an expression of lost interest from cyber criminals on individual targets as they look to higher value opportunities.

Moving ahead into the second half of 2019, ransomware is expected to continue to evolve through manual and blended attacks with worm-like functionality, as well as more paired attacks with other malware families.

“This year, we’ve noticed ransomware making more headlines than ever before as a resurgence in ransomware turned its sights towards large, ill-prepared public and private organisations with easy-to-exploit vulnerabilities such as cities, non-profits and educational institutions,” said Adam Kujawa, director of Malwarebytes Labs. “Our critical infrastructure needs to adapt and arm itself against these threats as it continues to be target of cyber criminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”

Highlights from the report

*Overall ransomware detections against businesses between Q2 2018 and Q2 2019 have risen by 363%

*From 2018 to 2019, Malwarebytes saw a 235% increase in threats aimed at organisations from enterprises to small businesses, with ransomware as a major contributor

*Municipalities, educational institutions and healthcare organisations became prime targets, likely because of legacy infrastructure, outdated hardware and software applications plus lack of security funding in these sectors

*Top ransomware families overall include GandCrab, Ryuk, Troldesh, Rapid and Locky. For business detections there was a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88% across the last quarter, while Phobos exploded by 940% from Q1 2019

*The rise and alleged retirement of GandCrab leading into the emergence of Sodinokibi ransomware (another Ransomware-as-a-Service using similar technical components

*Breakdown of ransomware by country (and state), with the US leading at 53% of detections followed by Canada at 10% and the UK at 9%

For the full report visit https://blog.malwarebytes.com/reports/2019/08/labs-quarterly-report-finds-ransomeware’s-gone-rampant-against-businesses/

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts