Ransomware Tips Towards Enterprise Targets

Symantec's latest 2019 threat report shows a worrying rise in cyberattacks and cybercrime activity. Web attacks are up 56%, formjacking attacks are running at 4800 a month, enterprise ransomware is up 12 per cent although over ransomware attacks are down and supply chain attacks have increased by 70 per cent.

In the wake of the recent Baltimore attack, let us examine ransomware in more detail.

For the first time since 2013, Symantec observed a decrease in ransomware activity during 2018, with the overall number of ransomware infections on endpoints dropping by 20 per cent. WannaCry, copycat versions, and Petya, continued to inflate infection figures.

When these worms are stripped out from the statistics, the drop in infection numbers is steeper: a 52 per cent fall.

However, within these overall figures, there was one dramatic change. Up until 2017, consumers were the hardest hit by ransomware, accounting for the majority of infections. In 2017, the balance tipped towards enterprises, with the majority of infections occurring in businesses.

In 2018, that shift accelerated and enterprises accounted for 81 per cent of all ransomware infections. While overall ransomware infections were down, enterprise infections were up by 12 per cent in 2018.

This shift in victim profile was likely due to a decline in exploit kit activity, which was previously an important channel for ransomware delivery. During 2018, the chief ransomware distribution method was email campaigns. Enterprises tend to be more affected by email-based attacks since email remains the primary communication tool for organizations.

Alongside this, a growing number of consumers are exclusively using mobile devices, and their essential data is often backed up in the cloud. Since most major ransomware families still target Windows-based computers, the chances of consumers being exposed to ransomware is declining.

Also contributing to the decline is the fact that some cybercrime gangs are losing interest in ransomware. Symantec saw a number of groups previously involved in spreading ransomware move to delivering other malware such as banking Trojans and information stealers. However, some groups are continuing to pose a severe


In further bad news for organisations, a notable number of highly damaging targeted ransomware attacks hit in 2018, many of which were conducted by the

SamSam group. During 2018, Symantec found evidence of 67 SamSam attacks, mostly against organisations in the U.S. In tandem with SamSam, other target ransomware groups have become more active.

Additional targeted threats have also emerged. Activity involving Ryuk (Ransom.Hermes) increased significantly in late 2018. This ransomware was responsible for an attack in December where the printing and distribution of several well known US. newspapers were disrupted.

Dharma/Crysis (Ransom.Crysis) is also often used in a targeted fashion against organisations. The number of Dharma/Crysis infection attempts seen by Symantec more than tripled during 2018, from an average of 1,473 per month in 2017 to 4,900 per month in 2018. In November, two Iranian nationals were indicted in the U.S. for their alleged involvement with SamSam. It remains to be seen whether the indictment will have any impact on the group’s activity

more news

Secure Working From Home During Coronavirus

In the wake of the coronavirus, many organisations internationally are allowing people to work from home to lessen the risk of contagion, but is this wise from a cybersecurity point of view? While companies generally have a cybersecurity policy in place that governs the use of anti-virus and firewall protection, individuals without any tech knowledge could fall foul of cybercriminals.

read more

Crypto Miners, Targeted Ransomware Dominate the Threat Landscape

Twenty-eight per cent of all organisations worldwide were impacted by malicious multi-purpose botnets and targeted ransomware attacks rose by 20% according to Check Point Research, the Threat Intelligence and Research arm of Check Point Software.

read more

Kaspersky's Top 7 Mobile Security Threats in 2020

Mobile device security threats are on the rise. In 2014, Kaspersky detected almost 3.5 million pieces of malware on more than 1 million user devices.

read more

SEC Releases Guide To Combat Cybersecurity Threats

The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.

read more