The ransomware is one of the most dangerous and common threats faced by organizations around the world. The ransomware attacks increased significantly in 2020. Meanwhile, Criminals observe how they respond to victims and adjust their attacks to make them more difficult.
From September 2020, one in four attacks detected by IBM was caused by ransomware. The month with the most ransomware attacks was the June. In June, 1/3 of the ransomware attacks detected by IBM since the beginning of 2020 took place.
What has been observed during this period is that The hackers they demanded more ransom money and combined system encryption with data theft and blackmail for reporting.
- The attackers in some cases demanded up to $ 40 million.
- The Sodinokibi ransomware was responsible for one in three attacks discovered by researchers
- Schools and universities have been an attractive target for ransomware gangs
- 41% of all ransomware attacks analyzed by IBM targeted organizations with OT networks.
What are the trends and the most common tactics used by ransomware gangs in 2020?
Ransomware Attack Trends 2020
Looking at data from the second quarter of 2, the number of ransomware attacks detected by the IBM Security X-Force Incident Response was three times higher than in the previous quarter.
Goals ransomware attacks
In terms of targets, IBM noticed a change in attacks. The construction companies found in the crosshairs of hackers. In 2020, 1/4 of the attacks targeted these companies. The governmental organizations is also a favorite target of criminals.
Attacks in these areas show that attackers select victims based on their importance. They choose victims who can not stop working for many hours or days and thus increase the chances of paying the ransom.
In addition to these areas, the IBM Security X-Force also noted an increase in ransomware attacks on academic institutions, throughout 2020.
In which areas are the victims?
Ransomware attacks target organizations around the world, but the Asia and North America have been hardest hit in 2020. The Europehas also faced many attacks in recent months. Researchers claim that hackers target areas with many businesses, so that there are many options.
Ransomware 2020: What is the No1 tactic?
One of the most common tactics in 2020 was combination of ransomware and data theft. The attackers steal sensitive company information before encrypting it and threaten to publish it if the victims do not pay the ransom.
In accordance with Security Intelligence, this means that even if the Companies can restore the systems themselves, endangered by infringement data. This can ruin their reputation and force them to pay fines.
Dealing with ransomware attacks
The new ways of attack observed in 2020, have put the victims in a more difficult position compared to previous campaigns. The data The victims are in danger, while the ransom is increasing.
Hackers encrypt files and threaten to leak stolen data, forcing victims to pay ransoms. Experts do not support the ransom payment, because in this way the activity of hackers.
Companies can help mitigate risks and minimize losses with the following steps:
- Create and maintain offline backups
- Implement a strategy to prevent unauthorized data theft
- Multi-factor authentication application
- Penetration testing for vulnerabilities in corporate networks
- Training and raising awareness of cybercrime staff