August 8, 2019

Malwarebytes Reports 365 Percent Spike in Business Ransomware Detections

Special edition of quarterly cybercrime techniques and tactics report showcases evolution of ransomware attacks

Santa Clara, CA – August 8, 2019 – MalwarebytesTM, the leading advanced endpoint protection and remediation solution, today released the company’s latest quarterly threat report: Cybercrime techniques and tactics (CTNT): Ransomware retrospective. This special, in-depth ransomware edition of the CTNT explores the shift in ransomware attacks from consumer targets to organizations, businesses, municipalities and beyond, breaking out attack vectors and trends region by region for an unprecedented view into ransomware behavior.

As we approached Q2 2019, cybercriminals renewed a ransomware focus on businesses, as consumer detections were poised to dip below business detections of ransomware for the first time, an expression of lost interest from cybercriminals on individual targets as they look to higher value opportunities. Moving ahead into the second half of 2019, ransomware is expected to continue to evolve through manual and blended attacks with worm-like functionality, as well as more paired attacks with other malware families.

“This year we have noticed ransomware making more headlines than ever before as a resurgence in ransomware turned its sights to large, ill-prepared public and private organizations with easy to exploit vulnerabilities such as cities, non-profits and educational institutions,” said Adam Kujawa, Director of Malwarebytes Labs. “Our critical infrastructure needs to adapt and arm themselves against these threats as they continue to be targets of cybercriminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”

Highlights from the report include:

  • Overall ransomware detections against businesses between Q2 2018 and Q2 2019 have risen by 363 percent.
  • From 2018 to 2019, Malwarebytes saw a 235 percent increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.
  • Municipalities, educational institutions, and healthcare organizations became prime targets, likely because of legacy infrastructure, outdated hardware and software applications, and lack of security funding in these sectors.
  • Top ransomware families overall include: GandCrab, Ryuk, Troldesh, Rapid and Locky. For business detections there was a constant increase in detections of ransomware families, particularly in Ryuk and Phobos. Ryuk detections increased by 88 percent over last quarter, while Phobos exploded 940 percent from Q1 2019.
  • The rise and alleged retirement of GandCrab leading into the emergence of Sodinokibi ransomware, another Ransomware as a Service (RaaS) using similar technical components.
  • Breakdown of ransomware by country (and state), with the U.S. leading at 53 percent of detections, followed by Canada at 10 percent and the United Kingdom at 9 percent.

Top 10 countries for ransomware

Recently launched just this week, Malwarebytes now offers an incident response services to companies under active attack, their Malware Removal Service (MRS). MRS provides rapid expert intervention and triage to effectively manage and isolate a critical malware incident. To learn more, visit: https://press.malwarebytes.com/2019/08/06/malwarebytes-launches-cyber-first-responder-service-to-save-businesses-under-active-attack.  

For the full report and more information about ransomware and how to arm yourself, or your organization, against this threat, visit: https://blog.malwarebytes.com/reports/2019/08/labs-quarterly-report-finds-ransomeware’s-gone-rampant-against-businesses/

To read more about Malwarebytes’ visit our blog, follow us on Twitter, or check us out on LinkedIn.

About Malwarebytes

Malwarebytes is trusted to protect people and businesses against the latest dangerous cyberthreats including malware, ransomware and exploits that traditional antivirus solutions fail to catch. Malwarebytes offers comprehensive defense and recovery technologies to safeguard devices whether at home or in the office, enabling users to protect themselves anywhere, anytime. Malwarebytes’ team of researchers and security experts protect more than 60,000 organizations and millions of people worldwide, combatting millions of threats daily using artificial intelligence and machine learning to identify behavior and catch new threats rapidly. Driven by a desire to protect everyone’s right to a malware free existence, CEO Marcin Kleczynski founded Malwarebytes in 2008 and has grown the company to over 750 employees across the world today. The company is headquartered in California with offices in Europe and Asia. For more information, visit https://www.malwarebytes.com/.                                                                                                                                                                                                                                    M

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.