Why are Ransomware Attacks Increasing in 2020?
In May, a spike in the number of Ransomware operations was reported.
Over time, ransomware attacks have developed, adopting more stealthy and refined methods, while simultaneously fixing many of the implementation mistakes that previous cycles had. A few attacks are currently gaining a new data leak component, which exposes organizations to more than the customary data loss related to ransomware.
There has been a sharp increment in the number of ransomware operations this year, following a pattern previously settled in 2019. This is likely the aftereffect of the high profile of ransomware incidents and, in situations where details of ransom payments have entered the public space, the apparent profitability of human-worked ransomware attacks. This is pulling in new players into the market. Recent appearances incorporate the ransomware systems Avaddon, Darkside, Smaug, and SunCrypt.
In May, a spike in the number of ransomware operations was reported, which had a noteworthy impact on companies previously managing the challenges posed by the COVID-19 pandemic. Huge numbers of these occurrences were the consequence of ransomware attacks and some of them had been accompanied by data breaches.
From that point forward, analysis by PWC’s Threat Intelligence team has indicated that the movement and frequency of ransomware attacks have grown.
Reasons for Increase in Ransomware Attacks
Bitcoin Value Crash
The ransomware infection rate had diminished as malware creators directed their concentration toward crypto mining for a while. It was probably simpler and more rewarding for malware creators to take Bitcoin and different cryptocurrencies than to attempt to coerce payment. Nonetheless, Bitcoin hit its peak value of nearly $20,000 in December 2017. Although Bitcoin has seen somewhat of a comeback recently, with current costs in an overabundance of $9,000, this expansion in value is very recent. Towards the start of 2019, Bitcoin costs were under $4,000, which is just about 20% of its peak value.
Between the Bitcoin price crash of 2018 and how security experts started investing more energy significantly into crypto mining prevention, it was practically unavoidable that malware authors would start to focus less on creating crypto miners and returning to their unique gold mine, ransomware.
Ransomware Tasks are Adaptable
The appearance of new ransomware groups, the expansion of RaaS plans, and the way that established criminal actors have added ransomware tasks to their exercises have all prompted an increase in attacks. In any case, another key factor is that numerous ransomware operations are characteristically scalable. High-profile affiliate programs like Sodinokibi and NetWalker have effectively enrolled new partners.
The income of affiliate programs and the number of attacks they can support are an element of the affiliates’ number and viability that threat actors have recruited. This has presented a new level of competition between rival affiliate programs, as they try to draw in top-notch candidates to broaden their operations. For instance, the threat actor controlling Sodinokibi hopes to hold 30-40% of the income produced by its affiliates. However, the selling purpose of the NetWalker plot is that effective partners can hold 80-90% of the returns of their attacks.
Encouraging Ransomware Authors
The notorious WannaCry attack demonstrated without question that a ransomware attack could be fiercely powerful for a terrific scope. Despite the fact that healthcare organizations got the heft of the media consideration following the WannaCry episode, the harm was in no way limited to the healthcare industry. Apple chip producer TSMC needed to stop its assembling operations following a gigantic WannaCry infection briefly. Total losses from the episode were assessed to have surpassed $250 million.
From numerous points of view, WannaCry had a distinct advantage. It was the first of the truly large-scale ransomware attacks intended to perpetrate huge financial damage on businesses. After witnessing WannaCry’s effectiveness, it was only a matter of time before
other malware creators started to make similar obliterating ransomware.
With worldwide ransomware anticipated to create revenues of at least a billion dollars this year, ransomware authors will continue targeting organizations for a long time to come. It is subsequently important for organizations to implement available safeguards, create regular data backups and instruct workers on how best to avoid setting off a ransomware infection.