Ransomware threat ‘has passed its peak, but remains prevalent’
Cybersecurity is an area of ongoing concern for any modern business, but over the last year or so the issue has taken on greater importance than ever before due to a spate of ransomware attacks affecting organisations across the globe.
Indeed, 2017 was the year that ransomware hit the headlines worldwide, due in large part to the damage caused by the WannaCry cryptoworm, which affected hundreds of businesses and brought the NHS to a standstill for several days. This has led organisations from all sectors to take the threat of this kind of malware more seriously than ever before.
Now, a new report from F-Secure has provided evidence of the degree to which ransomware surged in 2017, as well as offering evidence that the peak of this dangerous trend may already have passed. This does not mean, however, that businesses should be taking the matter lightly.
Why the ransomware trend is on the decline
Ransomware is a form of malicious software that infiltrates a system and encrypts its files, meaning users are no longer able to use their devices or access their own data unless they agree to pay a ransom to the criminals responsible to unlock it.
According to F-Secure's Changing State of Ransomware report, ransomware attacks grew in volume by 415 per cent in 2017 compared with the previous year, with WannaCry accounting for nine out of every ten ransomware detection reports by the end of the year.
In total, 343 unique families and variants of ransomware were discovered in 2017, an increase of 62 per cent over the previous year; however, with the exception of WannaCry, the use of ransomware seemed to decline towards the end of the year, suggesting the "gold rush" mentality surrounding this form of malware among cyber criminals may be tapering off.
F-Secure security advisor Sean Sullivan explained: "The price of bitcoin is probably the biggest factor, as that's made cryptomining a lot more attractive and arguably less risky for cyber criminals. I also think revenues are probably falling as awareness of the threat has encouraged people to keep reliable backups, as has scepticism about how reliable criminals are on delivering their promises of decrypting data."
Why businesses need to remain vigilant
Despite this, the report was quick to note that ransomware remains a considerable cyber security threat. Specifically, it was suggested that tactics may switch to more corporate-focused attack vectors, such as by targeting exposed RDP ports. This method has already been used by the SamSam ransomware family, which has infected several US-based organisations this year.
Additionally, the infamous WannaCry continued to be actively used in the latter half of 2017, with the majority of detection reports coming from Malaysia, Japan, Columbia, Vietnam, India and Indonesia. Businesses need to be vigilant about continuing to protect themselves against this threat, or they could find themselves in a similar predicament to the one famously suffered by the NHS in May 2017.
Mr Sullivan said: "Cyber criminals will always try to pick low-hanging fruit, and they'll return to ransomware if the conditions are right."
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.