In our last blog, we went over some of the elements within Webroot’s 2020 Threat Report, specifically with regard to how they related to malware attacks. The virus protection giant also placed the problem of ransomware high on its list of major issues to look out for, citing specific ransomware trends that need to be acknowledged during what can only be described as “uncertain times” including more recon, rising ransom costs, higher stakes and shifting targets.
Ransomware attacks rely heavily on phishing emails to get a foothold on a network, taking advantage of “timely” topics such as healthcare enrollment and climate change to increase the chances someone will click a link and download a Trojan, ransomware or other malware. The problem didn’t show up in force until 2015, when Webroot reported seeing a somewhat significant amount of fake antivirus software in which a popup alarmingly informed the user that the system had been compromised, and that they needed to click a link to “clean” the system. This one action often incurred a cost, further compromising the system, which is why Webroot engineers were so concerned about it.
It wasn’t until the mid-2010s that hackers began using cryptocurrency to ultimately make it more difficult for legal authorities to track their activities, and this advantage, coupled with the high value of the currency, made it a booming business. According to Webroot representatives, ransomware attacks spread panic around the world in 2017, with organizations scrambling to safeguard mission-critical data and often paying the ransoms demanded, but while the company has reported a decline in ransomware attacks since 2018, its reps have made it clear that the problem hasn’t gone away.
Examples of notably successful exploits used by ransomware during the past decade include:
Analyzing the Trends
- More Recon – In order to establish which malware and exploits to use to increase the likelihood of success, attackers are focusing their efforts on learning about a company and its infrastructure, including critical servers and backup locations.
- Rising Ransom Costs – First reported by Coveware, a company specifically set up to help ransomware victims pay their ransom, the average ransom amount is increasing; according to the Webroot 2020 Threat Report, it reached $41,198 in Q3 2019, up from $36,295 in Q1.
- Higher Stakes – Increasing the chance that victims will still pay ransoms even if they have adequate backups in place, attackers as of late are threatening the victim with leaking or otherwise abusing the data.
- Shifting Targets – The year 2019 saw an epidemic of ransomware attacks on US cities, as well as systematic attacks on “favored” targets such as transportation, healthcare, education and SMBs, with many of these attacks having made use of Ransomware-as-a-Service malware, freely available on the dark web.
You’re Never Alone
If you suspect that you have been the victim of a possible ransomware attack, contact the experts at DMS iTech – we have the experience and certified professionals on staff to help you mitigate the effects of any exploit.