Ransomware attacks have hit ‘stratospheric’ levels and now account for almost 70 per cent of all attacks that use any form of malware or malicious software – which is any software intentionally designed by hackers to steal data, harm or exploit any electronic device. This is a 30 per cent jump from the same period in 2020.
The most common targets of ransomware in the second quarter of 2021 were governmental, medical and industrial companies along with scientific and educational institutions, according to a recent report from leading global cybersecurity provider Positive Technologies.
The overall percentage of attacks against government agencies climbed to 20 per cent in the second quarter from 12 per cent in the first quarter. Ransomware third parties (using Ransomware-as-a-service) were involved in almost 75 per cent of all of these malware-related attacks.
For the second quarter, the industrial sector was involved in 80 per cent of overall malware attacks. Citing one specific incident, Positive Technologies said it found a new type of remote administration tool (RAT) called B-JDUN, which was used to target an energy company. They do not specify if nuclear power plants were involved although these cyber attacks on critical infrastructure do form a worrying trend and is now being classified by governments as impacting National Security.
The volume of ransomware attacks had already been surging in April this year. But in early May, cyberattacks targeted the US Colonial Pipeline and the police department of the District of Columbia. Such attacks revealed the boldness and audacity of today’s ransomware gangs. But they also triggered unwanted publicity, catching the attention of law enforcement agencies and eventually the U.S. government, leading to efforts to crack down on ransomware attacks by US federal agencies and international law enforcement.
As a result, cybercriminals have since started to change their methods, relying less on partners or clients (in ransomware-as-a-service) to carry out attacks and more closely supervising their cyber attacks. Some have also vowed to leave alone certain industries, such as those involved in critical operations or…