Ransomware Tips Towards Enterprise Targets

Symantec's latest 2019 threat report shows a worrying rise in cyberattacks and cybercrime activity. Web attacks are up 56%, formjacking attacks are running at 4800 a month, enterprise ransomware is up 12 per cent although over ransomware attacks are down and supply chain attacks have increased by 70 per cent.


In the wake of the recent Baltimore attack, let us examine ransomware in more detail.


For the first time since 2013, Symantec observed a decrease in ransomware activity during 2018, with the overall number of ransomware infections on endpoints dropping by 20 per cent. WannaCry, copycat versions, and Petya, continued to inflate infection figures.


When these worms are stripped out from the statistics, the drop in infection numbers is steeper: a 52 per cent fall.


However, within these overall figures, there was one dramatic change. Up until 2017, consumers were the hardest hit by ransomware, accounting for the majority of infections. In 2017, the balance tipped towards enterprises, with the majority of infections occurring in businesses.


In 2018, that shift accelerated and enterprises accounted for 81 per cent of all ransomware infections. While overall ransomware infections were down, enterprise infections were up by 12 per cent in 2018.


This shift in victim profile was likely due to a decline in exploit kit activity, which was previously an important channel for ransomware delivery. During 2018, the chief ransomware distribution method was email campaigns. Enterprises tend to be more affected by email-based attacks since email remains the primary communication tool for organizations.


Alongside this, a growing number of consumers are exclusively using mobile devices, and their essential data is often backed up in the cloud. Since most major ransomware families still target Windows-based computers, the chances of consumers being exposed to ransomware is declining.


Also contributing to the decline is the fact that some cybercrime gangs are losing interest in ransomware. Symantec saw a number of groups previously involved in spreading ransomware move to delivering other malware such as banking Trojans and information stealers. However, some groups are continuing to pose a severe

threat.


In further bad news for organisations, a notable number of highly damaging targeted ransomware attacks hit in 2018, many of which were conducted by the

SamSam group. During 2018, Symantec found evidence of 67 SamSam attacks, mostly against organisations in the U.S. In tandem with SamSam, other target ransomware groups have become more active.


Additional targeted threats have also emerged. Activity involving Ryuk (Ransom.Hermes) increased significantly in late 2018. This ransomware was responsible for an attack in December where the printing and distribution of several well known US. newspapers were disrupted.


Dharma/Crysis (Ransom.Crysis) is also often used in a targeted fashion against organisations. The number of Dharma/Crysis infection attempts seen by Symantec more than tripled during 2018, from an average of 1,473 per month in 2017 to 4,900 per month in 2018. In November, two Iranian nationals were indicted in the U.S. for their alleged involvement with SamSam. It remains to be seen whether the indictment will have any impact on the group’s activity

more news

Ransomware Tips Towards Enterprise Targets


Symantec's latest 2019 threat report shows a worrying rise in cyberattacks and cybercrime activity. Web attacks are up 56%, formjacking attacks are running at 4800 a month, enterprise ransomware is up 12 per cent although over ransomware attacks are down and supply chain attacks have increased by 70 per cent.

read more

Cybersecurity Threats Growing In Travel and Transportation


IBM Security has issued new research highlighting that the travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly valuable travel data. Compounding the problem, a new survey conducted by Morning Consult on behalf of IBM Security1 reveals that travellers are still blind to the risks they face on the road.

read more

Cyber innovation at the forefront of UK’s approach to modern warfare


Speaking at the recent NATO Cyber Defence Pledge Conference in London, Defence Secretary Penny Mordaunt told of the need for the UK and NATO members to recognise offensive cyber as central to modern warfare. As the UK has already demonstrated against Daesh in the Middle East, it can be a vital tool to keep people in the UK and overseas safe from virtual and physical threats.

read more

65000 GDPR Data Breaches In Europe To Date


European privacy authorities have received almost 65,000 data breach notifications since the EU's new privacy law went into full effect. In addition, regulators in 11 European countries have imposed $63 million in General Data Protection Regulation fines.

read more