According to a new survey, ransomware attacks on high-profile targets such as businesses, government agencies, and local organisations increased by 767 percent in one year (from 2019 to 2020).
In recent years, targeted ransomware attacks have become a major concern around the world, especially for organisations and businesses in the Asia-Pacific region, particularly in India.
Commenting on the report, Chris Connell, Managing Director, Kaspersky (APAC), said “At least 61 entities from the region were breached by a targeted ransomware group in 2020. Australia and India being the top two countries that logged the highest number of incidents across APAC,”
According to cyber security firm Kaspersky, the rise in targeted ransomware coincided with a 29% decrease in the total number of users affected by any form of ransomware, with WannaCry still being the most commonly encountered family.
Targeted ransomware attacks are more sophisticated (network compromise, reconnaissance and persistence, or lateral movement) and pay out substantially more money.
The number of users who were infected with targeted ransomware rose by 767 percent from 2019 to 2020.
WannaCry, the ransomware Trojan that first emerged in 2017 and caused at least $4 billion in damages across 150 countries, is now the most commonly encountered ransomware family among users.
In 2019, nearly 22% of users who were infected with ransomware encountered WannaCry, but that number dropped to 16% in 2020.
Fedor Sinitsyn, security expert at Kaspersky, said “We’ll most likely see fewer and fewer widespread campaigns targeting everyday users. Of course, that’s not to say users aren’t still vulnerable,”
He added “However, the primary focus will likely continue to be on companies and large organisations, and that means ransomware attacks will continue to become more sophisticated and more destructive,”
Following large-scale outbreaks including WannaCry and Cryptolocker in the 2010s, the ransomware threat (when attackers encrypt private information and demand a ransom) became popular news.
They targeted tens of thousands of users and often demanded small sums from victims in exchange for the return of their files.
During this time, Maze, the notorious group responsible for many high-profile attacks, and RagnarLocker, which was also in the news, were two of the most prominent targeted ransomware families.
According to the study, both of these families started a pattern of exfiltrating data, encrypting it, and threatening to make the sensitive information public if the victims refused to pay.