Ransomware attacks continue to pose a significant menace to the security of businesses. To gain a better understanding, let's delve into the data provided by GOV.UK regarding cyberattacks. According to survey results, within the past year, approximately 39% of businesses in the UK reported being targeted by cyber-attacks. Among this group, the prevailing method employed by attackers was through phishing attempts, accounting for a staggering 83% of the identified threats.
With ransomware attacks on the rise, you need all the information on current attacker behaviour you can get. Knowing these recent trends will help you make smarter IT investments and training decisions.
Phishing as a threat vector
Phishing attempts — one of the most popular methods to install ransomware — are the most common threat vector in the UK. Eighty-three percent of attacks in the UK Cyber Security Breaches Survey involved phishing.
Some phishing attackers also attempt whaling fishing. This phishing technique goes for senior-level targets such as CEOs who have some of the most critical data to lose.
Most active ransomware families
Currently, 130 different ransomware families exist. You can organise any type of malware into families based on the code used to create them and their methods of attack.
Gandcrab is today’s most used ransomware family, according to a Virustotal report. It encrypts files and adds “.GDCB” and “.CRAB” to their extensions. With these extensions on your files, you can only decrypt them with a private key. Get in touch with an IT security provider you trust to get them back safely without paying the ransom.
Ransomware as Windows-based executables
The Virustotal report also found that 95 percent of the ransomware files it studied were Windows-based. This trend leaves organisations that use Windows at a much higher risk of ransomware than those that use Apple products.
If your organisation uses Microsoft products, read the company’s guide on protecting Windows PCs from ransomware. Keep your Windows systems up to date, too. Running an outdated version like Windows 7 puts you at even further risk for ransomware.
The UK as a ransomware target
Eighty-two percent of UK organisations that fell victim to ransomware attacks paid their hackers, compared to the global average of 58 percent. This makes them an appealing target.
The National Cyber Security Centre does not recommend paying a ransomware ransom. Even after you pay, you have no guarantee you’ll get your data back.
Don’t join the 82 percent. Instead, follow our steps for recovering from a cyberattack. Contact your IT security provider for help getting your files back.
Bitcoin and crypto payment demands
The Financial Crimes Enforcement Network (FinCEN) of the United States Treasury found that as much as 5.2 billion USD (£4.2 billion) in outgoing bitcoin could have a link to ransomware demands.
Last year, NPR reported a rise in bitcoin requests from ransomware attackers. One expert NPR consulted said that cryptocurrency’s anonymous ledgers make it more difficult to track the person who owns it.
With one bitcoin costing as much as £19,000 to £20,000, hackers who request it often ask for hefty fees. No matter how serious your ransom seems, don’t pay — ask a security expert for help.
The top industries targeted by ransomware globally
Cybersecurity firm Trellix’s quarterly ransomware report identified business services as the global sector with the most ransomware detections.
The original report lists telecom as the most affected sector. But one of Trellix’s data scientists told TechRepublic that telecom often tops their list as a “false positive”. When a ransomware attack happens to a business in another industry, it often registers as an attack on their IP provider as well.
If you work in business services, pay extra attention to your security posture to protect your organisation.
What can you do to protect your business?
Consider these three measures to defend your business from ransomware:
- Follow the best practices to prevent ransomware attacks.
- Install ransomware protection software.
- Talk to a security expert.