While industry reports claim ransomware attacks have dropped, cybersecurity insurance company Beazley Breach Response (BBR) Services has reported otherwise. According to businesses benefiting from its insurance deals, there has been a surge in the number of reported ransomware attacks, especially in September, when incidents nearly doubled from a month earlier.
The healthcare sector remains the top target, accounting for 37 percent of ransomware attacks managed by BBR Services, closely followed by professional services at 11 percent. Some 32 percent of data breaches in the healthcare and accounting industries are a result of accidental disclosure, while 30 percent stem from malware incidents. Ransomware incidents have not spared financial institutions, which have registered an 18 percent increase in the number of targeted attacks in Q3.
Overall, the two most prevalent attack methods that resulted in data breaches were hacks or malware attacks (47%) and accidental disclosure (20%). Insider threats caused 17 percent of data breaches that led to loss of physical documents (9%) and portable electronic devices (6%).
Cybercriminals are not shy about making absurd demands, with the highest ransom request totaling $2.8 million, says BRR Services. A number of ransomware attacks in the third quarter were associated with the Ryuk and BitPaymer campaigns. BitPaymer ransomware was detected on networks also infected with banking Trojans used to steal data from online banking platforms or download malware, says the report.
As a short recap, BitPaymer ransomware infected Scottish hospitals, crippled the infrastructure of a small town in Alaska and shut down computers at the Professional Golfers’ Association of America. Ryuk, a variant of Hermes ransomware that worked as a spear phishing attack, infected healthcare organizations in Canada and a water utility in North Carolina.
As explained by Winston Krone, Global Managing Director of Kivu Consulting, there is “a sharp increase in ‘bad’ ransomware strains – where the malware carries out the encryption but has poor functionality, fatally corrupts substantial portions of the victim’s data, fails to decrypt properly after payment of a ransom, or is favored by volatile, unskilled attackers who are unable to troubleshoot decryption issues.”
The decreasing rate of successful decryptions, as well as the uncertainty as to whether malware attacks will keep increasing, are two major challenges companies struggle with, especially SMBs. Some 71 percent of ransomware attacks targeted small and medium-sized companies, showing how vital it is for all businesses, regardless of size, to keep multiple, updated backups, and invest seriously in IT by implementing multiple security layers and training employees on cybersecurity best practices in an office environment.
Although attacks on SMBs have spiked, hackers will never lose interest in large organizations, which will always have the budget to accommodate ransom demands for file recovery and decryption.