Story image

Ransomware attacks reach disturbing levels

By Shannon Williams, Thu 23 Sep 2021

Ransomware attacks have reached 'stratospheric levels', now accounting for 69% of all attacks involving malware. 

That is among the most disturbing finding in Cybersecurity Threatscape: Q2 2021, the latest report from security specialist Positive Technologies. 

The research also reveals that the volume of attacks on governmental institutions in particular soared from 12% in Q1 2021 to 20% in Q2. And the company's Expert Security Center, which focuses on threat intelligence, during the quarter discovered the emergence of B-JDUN, a new RAT used in attacks on energy companies, and Tomiris, new malware that comes with functions for gaining persistence and can send encrypted information about the workstation to an attacker-controlled server.

The research found only a minor rise, 0.3%, in overall attacks from the previous quarter. This slowdown was to be expected as companies took greater measures to secure the network perimeter and remote access systems during a global pandemic and the growth of a dispersed workforce. However, the rise in ransomware attacks - in particular a 45% jump in the month of April alone - should cause grave concern.

 On a related note, Positive Technologies identified a ban by Dark Web forums on the publication of posts regarding ransomware operators' partner programs. This indicates that in the near future, these partners may no longer have a distinct role - ransomware operators themselves could take over the task of assembling and supervising teams of distributors.

The researchers also note a growing pattern of malware specifically designed to penetrate Unix systems. 

"We've got used to the idea that attackers distributing malware pose a danger to Windows-based systems," says Yana Yurakova, Information Security Analyst, Positive Technologies. 

"Now we see a stronger trend of malware for attacks on Unix systems, virtualisation tools, and orchestrators. More and more companies, including larger corporations, now use Unix-based software, and thats why attackers are turning their attention to these systems."

Among other findings:

  • 69% of all malware attacks targeting organisations involved ransomware distributors, a 30% jump over the same quarter in 2020
  • There's been a noticeable change in the landscape for the retail industry - a sharp decrease in attacks with web skimmers, accompanied by a rise in interest among ransomware distributors. Ransomware attacks on retailers accounted for 95% of all attacks using malware. This is likely because previous attacks in this industry mostly targeted data - payment details, personal information, credentials, etc. Now, they pursue financial gains more directly through ransoms
  • The volume of social engineering attacks targeting retail also increased from 36% in Q1 2021 to 53% in Q2

 
 

Recent stories
More stories