Over 500% Increase in Ransomware Attacks Against Businesses
Cybercriminals have started focusing their efforts on businesses during Q1 2019, with consumer threat detections decreasing by roughly 24% year over year while businesses have seen a 235% increase in the number of cyber attacks against their computing systems.
For consumers, the number of detections for Trojans and RiskwareTool malware families has kept going down since Q1 2018 and backdoors, spyware, and MachineLearning/Anomalous malware have seen increases of 85%, 95%, and 221% respectively.
On the other hand, when it comes to the malware families detected in corporate environments, Malwarebytes’ “Cybercrime Tactics and Techniques Q1 2019” report shows skyrocketing detection rate all across the board since Q1 2018, while hijackers were the only malware that continued to show up less and less during the last year.
Out of all malware families impacting commercial entities, ransomware has seen huge comeback with increases of 189% since Q4 2018 and a massive 508% uptick since Q1 2018, while on the consumer side ransomware was “knocked out of the top 10 from its previous steady ranking for several years running.”
As detailed by Malwarebytes, this huge increase in corporate ransomware detections happened “thanks in large part to a massive attack by the Troldesh ransomware against US organizations in early Q1.”
This trend is also backed by FBI’s Internet Crime Complaint Center (IC3) annual Internet Crime Reports (2013, 2014, 2015, 2016, 2017, 2018) which show that while ransomware has definitely seen a decrease in the number of incidents since 2016, the total losses have increased despite a decreasing number of complaints.
Even though it might not be immediately obvious, this happened because cybercriminals have switched their targets from home users to commercial organizations which can afford to pay larger ransoms to have their computing systems unlocked and files decrypted.
The 2018 edition of IC3’s Internet Crime Report also underlined that not all ransomware victims report the incident, thus leading to an “artificially low ransomware loss rate.”
Regarding ransomware adjusted losses, this number does not include estimates of lost business, time, wages, files, equipment, or any third party remediation services acquired by a victim. In some cases victims do not report any loss amount to the FBI, thereby creating an artificially low ransomware loss rate. Lastly, the number only represents what victims report to the FBI via the IC3 and does not account for victim direct reporting to FBI field offices/agents.
The Malwarebytes report conclusions are the result of combining statistics and intel collected between January 1 and March 31, 2019.
They rely on data from the company’s “Intelligence, Research, and Data Science teams” with telemetry added to the mix from both the “consumer and business products on the PC, Mac, and mobile devices.”
More details on the evolution of other threats targeting consumers and businesses are available in Malwarebytes’ full Cybercrime Tactics and Techniques (CTNT) Report.
Read the original article over at BleepingComputer.com.