Over half of all public and private organizations in the US fell victim to ransomware attacks at some point in 2019. Hackers have continued to employ increasingly advanced techniques to infect machines and encrypt sensitive data.
Ransomware is becoming increasingly common
In 2019, half of all organizations in the US were targeted by hackers who were able to successfully use phishing attacks and ransomware. Cybercrime has seen exponential growth over the last decade, and the techniques hackers have used have constantly evolved to stay one step ahead of law enforcement.
Proofpoint, a cybersecurity research firm, just released their 2020 report entitled ‘State of the Phish’. In the threat report, researchers focused upon phishing, ransomware and cryptojacking attacks. They analyzed the ways hackers employed social engineering to carry out cybercrime, how to improve employee awareness of such attacks, and the ways infosec teams are fighting back.
Proofpoint analyzed over 9 million malicious emails and surveyed 600 industry leaders and 3500 IT employees. They also ran over 50 million phishing attack simulation emails on their customers to provide a comprehensive overview of the state of cybercrime in 2019.
Proofpoint found that over 55% of organizations fell victim to a successful phishing attack last year. 90% of global organizations were targeted by malicious email phishing attacks, while 50% of organizations suffered from ransomware attacks, compromised accounts or spoofed credentials.
In a surprising finding, Proofpoint discovered that only 69% of victims who paid ransomware attackers were granted keys to unlock the captive data. At least 7% of these victims who paid a ransomware attacker were met with further ransom demands, and 22% of victims paid and still never received access to data. Many of these organizations suffered reputational and financial damage, or excessive downtime directly due to these attacks.
The attackers are a lot more sophisticated nowadays
State organizations, local government offices, healthcare providers, and other organizations with critical infrastructure or sensitive data warehouses were specifically targeted. This is due to the importance of the information these types of organizations often handle custodially.
The report even covered the existence of a Ransomware-as-a-Service option, available on the Dark Web, called GandCrab. Many who took part in the Proofpoint survey did say that the number of ransomware and phishing attacks hadn’t noticeably increased since the prior year, although Malwarebytes reported a 500% increase in 2019. Many infections come from already infected infrastructure targeting new networks and databases.
This explosion in cybercrime has led to the state of Maryland introducing legislation to prohibit possession of ransomware. This bill comes in response to the city of Baltimore being completely paralyzed by the RobbinHood ransomware attack last May, the second such attack in a year. The city paid the ransom of 13 Bitcoin to the attackers before having the systems reinstated. As it stands, Bitcoin remains the most popular form of payment demanded by cybercriminals, as it can be transferred and laundered much more quickly than cash.
Two New York senators have also recently proposed bills to outlaw paying ransomware demands with taxpayers’ money. Their aim is to make ransomware less appealing to hackers and propose spending the money on improving the nation’s cybersecurity infrastructure instead.
Law enforcement and cybersecurity specialists do not recommend paying ransoms to attackers. They do recommend employee cybersecurity and infosec training to mitigate the effectiveness of attacks, something 95% of organizations are already doing.