Cybercriminals are increasingly targeting businesses with ransomware instead of consumers for a bigger payout, according to Malwarebytes.
Ransomware is back with a vengeance, if you’re a business, according to Malwarebytes’s Cybercrime Tactics and Techniques: Ransomware Retrospective report, released Thursday.
The malware is delivered through spear phishing emails and locks up valuable data assets, demanding a ransom to release them. While ransomware made headlines a few years back as a consumer problem, it was sidelined as other attacks became more popular among cybercriminals. But this year, the threat has come back to life, switching from mass consumer campaigns to highly-targeted attacks on businesses that will give cybercriminals a bigger bang for their buck, according to the report.
Businesses—particularly those in fields like education and healthcare—often have weak infrastructure and poorly-constructed operational security, allowing hackers to encrypt business-critical data and demand a higher ransom.
Business detections of ransomware rose 365% from Q2 2018 to Q2 2019, the report found, while consumer detection decreased by 12%.
“Cybercriminals are searching for higher returns on their investment, and they can reap serious benefits from ransoming organizations over individuals, who might yield, at best, a few personal files that could be used for extortion or identity theft,” the report stated. “Encrypting sensitive proprietary data on any number of endpoints allows cybercriminals to put forth much larger ransom demands while gaining an exponentially higher chance of getting paid.”
Ryuk and Phobos are the top ransomware families attacking businesses, and increased by 88% and 940% over Q1 2019, respectively, the report found. Gandcrab and Rapid business detections also increased year over year, with Rapid rising 319% over Q2 2018. However, business detections of GandCrab decreased by 5% in Q2 2019.
In the future, it’s likely that ransomware campaigns will continue to target businesses over consumers, the report noted.
“For too many years, there have been hugely-successful ransomware attacks that have resulted in criminals making off with thousands, even millions of dollars from a single infection,” it stated. “If that isn’t motivation to double down on this attack type, we don’t know what is.”