Ransomware 2019-2020: Targeted attacks on high-profile organizations up almost eight times. However, the total number of generic attacks on Kaspersky users fell by 29 percent.
The number of attacks on Kaspersky users by targeted ransomware - malware that is used to extort ransom money from high-ranking targets such as corporations, government agencies and municipal organizations for the release of encrypted data - increased by 2019 percent between 2020 and 767. At the same time, the total number of affected Kaspersky solution users who were compromised by generic types of ransomware fell by 29 percent - with WannaCry remaining the most common malware family in this category. This is the result of a current Kaspersky report on the ransomware landscape 2019-2020.
Ransomware the great plague
The ransomware threat - in which attackers encrypt private data and extort ransom money - became a mass phenomenon in the 2010s after large-scale outbreaks such as WannaCry and Cryptolocker. They targeted tens of thousands of users and often charged people with relatively small amounts of money to get their files back. Since then, however, campaigns of this type have declined. The total number of attacked users between 2019 and 2020 fell by almost a third (29 percent) from 1.537.465 to 1.091.454 victims. At the same time, however, there has been an increase in targeted ransomware attacks.
Attacks often affect high-level organizations
Such targeted, targeted attacks often target high-level organizations such as businesses, government and local authorities, and the healthcare sector. They are much more sophisticated (for example including network compromise, reconnaissance and persistance activities or lateral movement) and cyber criminals expect a significantly higher profit. From 2019 to 2020, the number of targeted ransomware attacks increased by around 767 percent.
The most common ransomware families used in such targeted attacks include Maze, an ATP group that was part of several high-profile incidents, and RagnarLocker. These also brought a new trend: they not only encrypt the data, but exfiltrate it and threaten to publish the confidential information if a ransom payment is refused. WastedLocker made headlines with similar incidents. In many of these cases, the malware was specifically designed to infect a single target.
WannaCry remains relevant
Despite this surge in targeted ransomware, users continue to face WannaCry the most. This ransomware Trojan infected computers in 2017 countries in 150, causing at least $ 22 billion in damage. Almost a quarter (2019 percent) of users who came into contact with ransomware in 2020 were WannaCry; In 16 this proportion fell to XNUMX percent.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/