Ransomware attacks skyrocketed in the first quarter of 2019, according to the Beazley Breach Response (BBR) Services team, which reported a 105% increase in ransomware attack notifications against clients compared to Q1 2018.
In Q1 2019, the average ransomware demand reported to the BBR Services team was $224,871, an increase of 93% over the 2018 average of $116,324, said the Beazley Breach Insights report.
Not only has the frequency of attacks skyrocketed, but attackers are shifting focus, targeting larger organizations and demanding higher ransom payments, said the report.
While attacks using ransomware as a service (RaaS) platforms remain commonplace, tending to hit unsuspecting small businesses, more sophisticated variants are being deployed through phishing emails and tricking users into activating banking Trojans, the report affirmed.
Although banking Trojans are not a new form of malware — first hitting BBR Services’ radar in 2015 — they are increasingly problematic for businesses. “[W]ithin the last year, BBR services has seen a substantial increase in incidents involving both ransomware and banking Trojans.”
Originally designed to steal banking credentials from users of online banking websites, recent variants of banking Trojans such as Emotet and Trickbot have been used by criminals to harvest all kinds of account details, the report explained.
Newer types of banking Trojans will also perform reconnaissance on email accounts and deploy other malware, most commonly ransomware, onto a system with relative ease, the report continued. Cyber criminals exploit the stolen credentials to steal from financial accounts, defraud through business email compromise, or commit identity theft.
“We have witnessed a considerable uptick in notifications of both ransomware and banking Trojans in the first few months of this year,” emphasized Katherine Keefe, head of Beazley Breach Response Services, in a statement accompanying the report.
“Banking Trojans are particularly troublesome as they are often more difficult to eradicate from an infected IT system than other forms of malware,” she added.
“Not only are we receiving more notifications but they are often used by cyber criminals to install secondary viruses onto computer systems,” Keefe said. “This can cause businesses serious operational, financial and reputational damage if not identified and managed early enough.”
Bill Siegel, CEO of Coveware, attributed the increased number of attacks to two main factors. “First, anytime the average ransom demand goes up, it’s going to pull in more attack groups interested in making money. Second, the easy availability of exploit kits (such as banking Trojans) and RaaS means there is a lower barrier to entry for would-be hackers,” he said.
Was this article valuable?
Here are more articles you may enjoy.