MalwarebytesTM, the leading advanced endpoint protection and remediation solution, released the company’s latest quarterly threat report: Cybercrime techniques and tactics (CTNT): Ransomware retrospective.
This special, in-depth CTNT report explores the shift in ransomware attacks from consumer targets to organizations, businesses, municipalities and beyond, breaking out attack vectors and trends region by region for an unprecedented view into ransomware behaviour.
As we approached Q2 2019, consumer detections were poised to dip below business detections of ransomware for the first time, an expression of lost interest from cybercriminals on individual targets as they look to higher value opportunities. Moving ahead into the second half of 2019, ransomware is expected to continue to evolve through manual and blended attacks with worm-like functionality, as well as more paired attacks with other malware families.
“This year we have noticed ransomware making more headlines than ever before as a resurgence in ransomware turned its sights to large, ill-prepared public and private organizations with easy to exploit vulnerabilities such as cities, non-profits and educational institutions,” said Adam Kujawa, Director of Malwarebytes Labs. “Our critical infrastructure needs to adapt and arm themselves against these threats as they continue to be targets of cybercriminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”
Key highlights in APAC:
Overall ransomware detections against businesses between Q2 2018 and Q2 2019 have risen by 263 percent, and 81 percent in Singapore.
From 2018 to 2019, Malwarebytes saw a 235 percent increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.
Businesses in Singapore have experienced a sharp increase of 81% in ransomware attacks from Q1 to Q2 in 2019, albeit a slight decrease of 7% in ransomware targeted at consumers.
Ransomware targeted at businesses continue to increase across regions, with a 263% increase from Q1 and a decrease of 16% for ransomware targeted at consumers.
GandCrab is the most prevalent type of ransomware globally, with Rapid and Locky coming in a close second in Asia Pacific.
Trojans remain the most common threat among the Asia Pacific region, for both businesses and consumers, followed by Adware.
Top ransomware families overall include: GandCrab, Ryuk, Troldesh, Rapid and Locky. For business detections there was a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88 percent over last quarter, while Phobos exploded 940 percent from Q1 2019.
For the full report, please refer to https://resources.malwarebytes.com/resource/cybercrime-tactics-and-techniques-ransomware-retrospective/