It looks like perpetrators of ransomware attacks are not letting up.
If Beazley’s latest breach insights report is anything to go by, the message is clear and simple: the number of attacks and the average ransom demand are only getting bigger. In fact, the Beazley Breach Response (BBR) Services team saw a 105% surge in notifications from the first quarter of 2018 to the same period this year.
As for the ransom payments demanded, the average in the first three months of 2019 – at US$224,871 – even surpassed 2018’s full-year figure of US$116,324.
In the specialist insurer’s new report, chief executive Bill Siegel of incident response firm Coveware offered an explanation.
“First, anytime the average ransom demand goes up, it’s going to pull in more attack groups interested in making money,” said Siegel. “Second, the easy availability of exploit kits (such as banking Trojans) and RaaS (ransomware-as-a-service) means there is a lower barrier to entry for would-be hackers.”
Meanwhile Beazley described banking Trojans as “increasingly problematic” for organizations. Originally designed to steal credentials from online banking users, banking Trojans have evolved into more dangerous and disruptive variants.
Elaborating on the issue, BBR Services head Katherine Keefe noted: “Banking Trojans are particularly troublesome as they are often more difficult to eradicate from an infected IT system than other forms of malware. Not only are we receiving more notifications but they are often used by cybercriminals to install secondary viruses onto computer systems.
“This can cause businesses serious operational, financial, and reputational damage if not identified and managed early enough. Regularly educating employees on what to look out for in emails and timely reporting to IT and BBR Services will help firms manage their cyber risk.”