A new research report finds that ransomware attacks have reached so-called ‘stratospheric’ levels. The study from Positive Technologies finds that ransomware is now accounting for 69 percent of all attacks involving malware. This represents a 30 percent increase over the same quarter in 2020.
The latest data is based on the cyber threat landscape as assessed during quarter 2, 2021. This reveals that the percentage of attacks aimed at compromising computers, servers, and network equipment increased from 71 percent during the first quarter of 2021 to 87 percent by the second quarter. As indicated above, this was associated with an increase in ransomware attacks.
In terms of the main reason for such attacks, the primary reason is due to motivation for financial gain. These types of incidents increased from 43 percent during the first quarter of the year to 59 percent by the second quarter.
As to the format of cyberattacks, emailing remains the main method of spreading malware in attacks against organizations. The poll reveals that 58 percent of attacks were delivered through someone opening a message.
A big focus area for the attacks is the state sector. Here, the volume of attacks on governmental institutions soared from 12 percent in the first quarter to 20 percent for the second quarter.
Another sector that has seen an increase in attacks is the retail sector, which is seeing a shift in attacks and motives. For example, there has been a sharp decrease in the number of Magecart attacks, as criminals shift from stealing data (such as payment details) to pursuing direct financial gain through ransomware attacks. Malware was used in six out of ten attacks against retail, up from only 26 percent during the same quarter in 2020. Specifically, ransomware accounted for 95 percent of all malware used in attacks against the retail sector.
Manufacturing and industrial companies were found to be the second highest targeted sector (up to 34 percent this quarter versus 29 percent in quarter 2 of 2020).
In terms of specific forms of threat, Positive Technologies’ threat intelligence Expert Security Center (PT ESC) discovered the emergence of B-JDUN, a new RAT used in attacks on energy companies. The intelligence also found details about Tomiris, which is a new malware that comes with functions for gaining persistence and sending encrypted information about the workstation to an attacker-controlled server.
There were also a large number of attacks on QNAP network drives, used to aggregate large amounts of data from companies and individuals.