Emsisoft: “the number of successful ransomware attacks in the US is growing again»

The number of successful ransomware attacks in the United States declined between January and April 2020. However, the trend is changing, and the number of successful ransom attacks in cryptocurrencies is growing again.

According to a study by cybersecurity company Emsisoft, in 2019, ransomware attacked an unprecedented number of US government agencies, health care providers, and educational institutions. At least 966 organizations were attacked, and extortionists received ransoms of $7.5 billion, including in cryptocurrencies.

Between January and April 2020, the number of successful attacks on public sector targets decreased month after month as the coronavirus pandemic worsened. However, as the researchers note, the trend is changing again and the number of successful attacks by ransomware viruses is starting to grow again. This may be due to the lifting of restrictions or just a seasonal surge.

According to Emsisoft, during the first and second quarters, at least 128 us government organizations, medical service providers, and educational institutions were affected by ransomware. The most attacks were made in January and February – 39 and 38 incidents, respectively, and the least in March and June – 12 and 14 attacks, respectively.

The report says that other researchers have previously repeatedly pointed out that the US public sector has poor protection measures against cybercrime. Emsisoft notes that the situation should change, since such attacks with ransom demands in cryptocurrencies are not only expensive, but also accompanied by data leaks.

“Since November last year, an ever-growing number of hacker groups, including DoppelPaymer, REvil/Sodinokibi and NetWalker, have been stealing data before encrypting it. If the target object refuses to pay the ransom, the stolen data is published or put up for auction,” the researchers note.

Emsisoft claims that data was stolen this year from at least five government agencies and three universities, including a state research University actively involved in COVID-19 research. If steps are not taken to improve security immediately, data will inevitably be stolen from other organizations and placed in the public domain.

“2020 should not be a repeat of 2019. An appropriate level of investment in people, processes and it will lead to a significant reduction in the number of incidents with ransomware viruses, and those attacks that occur will be less serious, destructive and costly,” said Fabian Wosar, technical Director of Emsisoft.

Recently, it became known that the new Avaddon encryption virus is distributed through Excel macros, and the new Conti ransomware virus runs 32 threads at once to encrypt files.