More and more businesses are being attacked by targeted ransomware every day, a new report suggests.
Symantec’s latest whitepaper says that during 2018, the overall number of ransomware infections was down 20 per cent, while attacks against organisations went up 12 per cent, which seems to suggest a more targeted approach to cybercrime.
Enterprises accounted for more than four in five of all ransomware infections since the beginning of 2018, it added.
To make things happen, hackers employ a wide variety of tools, including those that are publicly available, but also commodity malware and ‘living off the land’ tactics.
The number of targeted ransomware threats has multiplied in recent months, Symantec claims, adding that at least five different ransomware families are being used to target specific companies.
These families include SamSam (targeting Atlanta, for example), Ryuk (a tool used against Tribune Publishing) and GoGalocker (Altran Technologies), to name a few.
“Ransomware continues to be one of the most dangerous cybercrime threats facing any organization,” Symantec says in its report.
“While ransomware remains highly prevalent, the nature of the threat has changed markedly over the past two years and enterprises are increasingly being targeted by ransomware groups.”
Ransomware is a type of malware in which all data on a network get encrypted, and criminals demand ransom in cryptocurrency in exchange for the decryption key. Cybersecurity experts advise businesses not to pay the ransom, but instead to regularly backup their files and educate their employees on the dangers of phishing and business email compromise (BEC) attacks.