Ransomware turns its sights on large organizations
Detections of ransomware aimed at businesses rose by a massive 363 percent between the second quarter of 2018 and the same period this year. Meanwhile consumer ransomware is down 34 percent.
The latest quarterly threat report from Malwarebytes also sees a 235 percent overall increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.
In particular public sector bodies like municipalities, educational institutions, and healthcare organizations have become prime targets, likely because of legacy infrastructure, outdated hardware and software applications, and lack of security funding in these sectors.
"It seems like every other day you hear about a city or municipality being attacked. These organizations probably have barely enough money to pay their staff, so when it comes to deploying security solutions a lack of funding shows and we are not securing these organizations as well as we should be," says Adam Kujawa, director of Malwarebytes Labs. "We're paying the price for that now and it's sad. This applies to smaller businesses too as they don't have the resources to protect themselves like larger ones. It comes down to opportunity, and a lot of these cities have paid the ransom. They didn't have the backups in place and they are controlling essential services so they need to get things back up and running as fast as possible. In many cases the only way they can do that is paying some Bitcoins and they are doing that with taxpayer’s money. Although a lot are using cyber insurance it's still coming out or the pockets of taxpayers."
Top ransomware families seen overall include GandCrab, Ryuk, Troldesh, Rapid and Locky. For businesses there has been a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88 percent over last quarter, while Phobos exploded 940 percent from Q1 2019.
The full report is available on the Malwarebytes blog.