Cybercriminals are increasingly targeting businesses with ransomware instead of consumers for a bigger payout, according to Malwarebytes.
Ransomware is back with a vengeance, if you’re a business, according to Malwarebytes’s Cybercrime Tactics and Techniques: Ransomware Retrospective report, released Thursday.
The malware is delivered through spear phishing emails and locks up valuable data assets, demanding a ransom to release them. While ransomware made headlines a few years back as a consumer problem, it was sidelined as other attacks became more popular among cybercriminals. But this year, the threat has come back to life, switching from mass consumer campaigns to highly-targeted attacks on businesses that will give cybercriminals a bigger bang for their buck, according to the report.
Businesses—particularly those in fields like education and healthcare—often have weak infrastructure and poorly-constructed operational security, allowing hackers to encrypt business-critical data and demand a higher ransom.
Business detections of ransomware rose 365% from Q2 2018 to Q2 2019, the report found, while consumer detection decreased by 12%.
« Cybercriminals are searching for higher returns on their investment, and they can reap serious benefits from ransoming organizations over individuals, who might yield, at best, a few personal files that could be used for extortion or identity theft, » the report stated. « Encrypting sensitive proprietary data on any number of endpoints allows cybercriminals to put forth much larger ransom demands while gaining an exponentially higher chance of getting paid. »
Ryuk and Phobos are the top ransomware families attacking businesses, and increased by 88% and 940% over Q1 2019, respectively, the report found. Gandcrab and Rapid business detections also increased year over year, with Rapid rising 319% over Q2 2018. However, business detections of GandCrab decreased by 5% in Q2 2019.
In the future, it’s likely that ransomware campaigns will continue to target businesses over consumers, the report noted.
« For too many years, there have been hugely-successful ransomware attacks that have resulted in criminals making off with thousands, even millions of dollars from a single infection, » it stated. « If that isn’t motivation to double down on this attack type, we don’t know what is. »