Targeted ransomware attacks (those carried out against a chosen victim for the purpose of extortion) are often carried out on high-profile targets

Cyber-attacks to hijack data increased 767%

Los ataques de ransomware dirigidos (los que se realizan contra una víctima elegida con el objetivo de extorsionar) suelen realizarse a objetivos de alto perfil

diarioabierto.es

Updated: 28/04/21

From 2019 to 2020, the number of Kaspersky users who encountered targeted ransomware (malware used to extort high-profile targets, such as corporations, government agencies and municipal organisations) increased by 767%. This increase contrasts with a 29% drop in the total number of users affected by any type of ransomware, with WannaCry being the most prevalent family, according to Kaspersky research.

The threat of ransomware - when attackers encrypt private information and demand a ransom for it - became headline news in the 2010s following two large-scale attacks, including WannaCry and Cryptolocker. Tens of thousands of users were affected, often being asked for relatively small amounts to recover their files. Over the years, these campaigns have been declining. In fact, from 2019 to 2020, the total number of users who encountered ransomware across all platforms decreased from 1,537,465 to 1,091,454, a decrease of 29%.

Los ataques de ransomware dirigidos (los que se realizan contra una víctima elegida con el objetivo de extorsionar) suelen realizarse a objetivos de alto perfil

However, there has been an increase in targeted ransomware. Targeted ransomware attacks (those against a chosen victim for the purpose of extortion) are often carried out against high-profile targets, such as businesses, state and municipal government agencies, and healthcare organisations. These attacks are much more sophisticated (network compromise, reconnaissance and persistence, or lateral movement) and involve much higher payoffs.

Some of the most prolific targeted ransomware families during this period were Maze, the group involved in several media incidents, and RagnarLocker, another regular in the news. Both families started the trend of exfiltrating data as well as encrypting it and threatening to make confidential information public if victims refused to pay. WastedLocker also made headlines with similar incidents. In many of these cases, the malware is specifically designed to infect each individual target.

Los ataques de ransomware dirigidos (los que se realizan contra una víctima elegida con el objetivo de extorsionar) suelen realizarse a objetivos de alto perfil

Despite the rise of targeted ransomware, the ransomware family most frequently encountered by users is still WannaCry, the ransomware Trojan that first appeared in 2017 and caused at least $4 billion in damage in 150 countries. WannaCry accounted for 22% of users encountering ransomware in 2019; this figure fell to 16% in 2020. Los ataques de ransomware dirigidos (los que se realizan contra una víctima elegida con el objetivo de extorsionar) suelen realizarse a objetivos de alto perfil

"The ransomware landscape has fundamentally changed since it became big news in the security community. We are likely to see fewer and fewer widespread campaigns targeting ordinary users. Of course, that does not mean that they are not still vulnerable. However, the main target is likely to remain enterprises and large organisations, and that means that ransomware attacks will evolve to become more sophisticated and destructive. It is critical that businesses adopt a comprehensive set of security practices to protect their data," says Fedor Sinitsyn, security expert at Kaspersky.

Tags: