They have set their eyes upon the prey, out from afar.
Organizations, users et al better watch out because the predator is on the prowl and there is no telling who is next on its radar.
Ransomware attacks have reared their ugly heads to stymying proportions, and its frequency is on the climb again.
As reported by Check Point Research, there has been a worrisome uptick of 50% in the daily average of ransomware attacks in Q3 of 2020, in comparison to the first half of the year.
The wave of attacks has been spreading across the globe and major economies like the US, India, and Russia are those caught in the storm. In the last 3 months alone, the daily average of ransomware attacks has increased by 50%. What is even more concerning is that these attacks have matured in frequency and intensity, with their impact on business growing inordinately.
Ransomware attacks in the US have unnervingly doubled (approx. 98% increase) in the last 3 months, making it the #1 most targeted country for ransomware. It is closely followed by India (39.2%), Sri Lanka (436%), Russia (57.9%), and Turkey (32.5%). The healthcare sector is the #1 most attacked industry in the US.
The report is certainly in line with a spree of coinciding incidents around the world, be it in UK or even India. While the threat level for ransomware attacks has gone up by 80% in the UK, India too found a Cybersecurity breach at National Informatics Centre as recently as September.
In the past month, there have also been reports about ransomware attacks targeting a shipping giant, a US-based broker, and one of the largest watch-makers in the world, making it even more threatening and ambiguously spread.
Doubtlessly, the current pandemic can be attributed a huge portion of the blame. Organizations across the globe have been forced into making rapid changes to their business structures, thereby increasing the chances of leaving gaps and loopholes in their IT systems. It is precisely these slits which have provided a ready-made window for the cybercriminals, and given them the opportunity to exploit security flaws and infiltrate an organization’s network.
Claiming a new victim every 10 seconds, ransomware has proved to be a lucrative attack method for cybercriminals. Check Point Research’s studies and analysis have further identified ransomware types Ryuk and Maze as the wreckers-in-chief in Q3 of 2020. Furthermore, Emotet, after taking a 5-month hiatus, has surged back to 1st place in the Most Wanted Malware Index, impacting 5% of organizations globally.
Ryuk and Maze have wreaked havoc, attacking 20 organizations per week, again mostly those providing healthcare. In addition to the attacks, the overall sophistication of the attacks has become more diversified, with measures like Double Extortion being employed to gain more leverage. Prior to encrypting the victim’s databases, the attackers extract large quantities of sensitive information and threaten to publish this information unless their ransom demands are paid.
Hackers will encrypt hundreds of thousands of files, incapacitating users and often taking whole networks hostage. In the majority of these cases, organizations simply prefer to pay the price instead of dealing with encrypted files and recovering their IT systems. This creates a vicious cycle – the more these types of attacks “succeed” the more frequently they occur.
Emotet too, originally being a banking Trojan, has recently been used as a distributor of other malware or malicious campaigns.
Following news of such magnitude which puts all of us at stake and risk, be it an individual or organisation, one must keep vigilant and look to follow the most up to date security addressing practices.
Such attacks maybe be inevitable, but being better prepared will no doubt put a huge dent in any malicious attempt.
Follow protocol, stay safe and stay tuned to this space for more updates.