Businesses Now the Hot Ransomware Target

Businesses are bearing the brunt of ransomware today, according to a new report from Malwarebytes. The research finds a whopping 363% increase in overall ransomware detections against businesses between Q2 2018 and Q2 2019.

“This once dangerous but recently-dormant (sic) threat has come back to life in a big way, switching from mass consumer campaigns to highly-targeted, artisanal attacks on businesses,” the company said in a summary of the findings.

From 2018 to 2019, Malwarebytes saw a 235% increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.

Outdated Systems Make Local Government a Lucrative Target

Municipalities, educational institutions and healthcare organizations are also prime targets. That’s likely because of legacy infrastructure, outdated hardware and software applications, not to mention a lack of security funding in these sectors, said the firm in a release.

Indeed, stories about municipalities getting hit by ransomware attacks have made headlines recently, including the small city of Riviera Beach, Florida, which was forced to pay over $600,000 after attackers went after its systems.

“Cybercriminals looking for a bigger bang for their buck have been busy exploiting weak infrastructure and poorly-constructed (sic) operational security to encrypt business-critical data for larger payouts, and organizations have been largely caught with their virtual pants down,” said the report.

Top Ransomware Families, Regions Highlighted

Top ransomware families, according to the report, include GandCrabRyukTroldesh, Rapid and Locky. For business detections there was a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88% over last quarter, while Phobos exploded 940% from Q1 2019.

The report also breaks down ransomware by region, with the U.S. leading at 53% of detections, followed by Canada at 10% and the United Kingdom at 9%.

“This year we have noticed ransomware making more headlines than ever before as a resurgence in ransomware turned its sights to large, ill-prepared public and private organizations with easy to exploit vulnerabilities such as cities, non-profits and educational institutions,” said Adam Kujawa, director of Malwarebytes Labs. “Our critical infrastructure needs to adapt and arm themselves against these threats as they continue to be targets of cybercriminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”

Consumers See Fewer Ransomware Attacks

If there is one upshot to the research, it is that ransomware attacks against consumers software are down. The report finds consumer attacks dropped 12% and Malwarebytes expects consumer-focused ransomware attacks to diminish to almost none in the coming year as criminals instead turn their focus to businesses and organizations, where they can get more bang for their buck targeting multiple systems over just one machine.

Featured eBook
The Next Generation of Application Security

The Next Generation of Application Security

Application security is usually done by finding, fixing and preventing vulnerabilities, with an emphasis on finding solutions to prevent cybersecurity events in the future. However, many of the breaches we’re seeing are caused by a vulnerability related to the application, often because developers move so quickly to push out new code. AppSec promises to become ... Read More
Security Boulevard
Joan Goodchild

Joan Goodchild

Joan is a veteran journalist, editor and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online.

joan-goodchild has 23 posts and counting.See all posts by joan-goodchild