Ransomware Tips Towards Enterprise Targets

Symantec's latest 2019 threat report shows a worrying rise in cyberattacks and cybercrime activity. Web attacks are up 56%, formjacking attacks are running at 4800 a month, enterprise ransomware is up 12 per cent although over ransomware attacks are down and supply chain attacks have increased by 70 per cent.

In the wake of the recent Baltimore attack, let us examine ransomware in more detail.

For the first time since 2013, Symantec observed a decrease in ransomware activity during 2018, with the overall number of ransomware infections on endpoints dropping by 20 per cent. WannaCry, copycat versions, and Petya, continued to inflate infection figures.

When these worms are stripped out from the statistics, the drop in infection numbers is steeper: a 52 per cent fall.

However, within these overall figures, there was one dramatic change. Up until 2017, consumers were the hardest hit by ransomware, accounting for the majority of infections. In 2017, the balance tipped towards enterprises, with the majority of infections occurring in businesses.

In 2018, that shift accelerated and enterprises accounted for 81 per cent of all ransomware infections. While overall ransomware infections were down, enterprise infections were up by 12 per cent in 2018.

This shift in victim profile was likely due to a decline in exploit kit activity, which was previously an important channel for ransomware delivery. During 2018, the chief ransomware distribution method was email campaigns. Enterprises tend to be more affected by email-based attacks since email remains the primary communication tool for organizations.

Alongside this, a growing number of consumers are exclusively using mobile devices, and their essential data is often backed up in the cloud. Since most major ransomware families still target Windows-based computers, the chances of consumers being exposed to ransomware is declining.

Also contributing to the decline is the fact that some cybercrime gangs are losing interest in ransomware. Symantec saw a number of groups previously involved in spreading ransomware move to delivering other malware such as banking Trojans and information stealers. However, some groups are continuing to pose a severe


In further bad news for organisations, a notable number of highly damaging targeted ransomware attacks hit in 2018, many of which were conducted by the

SamSam group. During 2018, Symantec found evidence of 67 SamSam attacks, mostly against organisations in the U.S. In tandem with SamSam, other target ransomware groups have become more active.

Additional targeted threats have also emerged. Activity involving Ryuk (Ransom.Hermes) increased significantly in late 2018. This ransomware was responsible for an attack in December where the printing and distribution of several well known US. newspapers were disrupted.

Dharma/Crysis (Ransom.Crysis) is also often used in a targeted fashion against organisations. The number of Dharma/Crysis infection attempts seen by Symantec more than tripled during 2018, from an average of 1,473 per month in 2017 to 4,900 per month in 2018. In November, two Iranian nationals were indicted in the U.S. for their alleged involvement with SamSam. It remains to be seen whether the indictment will have any impact on the group’s activity

more news

Sweat in peace, don’t bleed in war…

Whether you believe it was General Patton, General Shwarzkopf or another historic figure who coined these words – the point it makes has never been more relevant than today in the world of business, as well as in the mindset of the military. Even if the violent imagery doesn’t reflect your business leadership style, please read on, because we all need to consider how strategic neglect can lose business fast - faster than ever in fact. The same impetus that can create business value quickly from nothing can return it to dust with a speed that defies human understanding.

read more

Smartphone, Dumb Owner? Strengthen Your Mobile Security

With the growth in the use of smartphones and tablets in the workplace and the increase in personal use for such things as online banking, cybercriminals are turning their nefarious attention to mobile devices. Internet security giant Symantec has revealed that mobile malware variants soared by 54 per cent in 2017 when compared to the previous year.

read more

Prepare Against Cyberattacks - There Are Resources Available

It is foolish, in the mostly digital world we now live in, to assume that there is someone available to bail you out. Quite simply the more digitalised we get, the more self-sufficient we need to become. Protecting our assets online has never been such an important aspect of any business. There are a multitude of sites, services and products available to help, Government Agencies, the police, National Cyber Security Centre all willing to help and spraying the internet with great advice.

read more

IT Managers Overwhelmed Fighting Cyberattacks - Sophos

A global survey, The Impossible Puzzle of Cybersecurity, carried out by Sophos reveals IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology.

read more