Early indicators in 2020 show that ransomware attack numbers would be similar to or worse than 2019, but the number of successful attacks reduced considerably now amid the coronavirus (COVID-19) crisis, according to cybersecurity firm Emsisoft Malware Lab. It is now at a level not seen in several years.
Cybercriminals use software vulnerabilities to launch ransomware attacks on organizations and demand payments in cryptocurrencies such as Bitcoin to restore their systems back to normal. They are also distributing malware disguised as other products to steal personal information.
A total of 89 organizations were impacted by ransomware in the first quarter of 2020, with 38 on government entities, 26 on educational institutions and 25 on healthcare entities.
There were a total of 113 attacks on government entities in 2019 for an average of 28.25 per quarter and 89 attacks on educational establishments for an average of 22.25 per quarter, disrupting operations at up to 1,233 individual schools. In the first quarter of 2020, it disrupted operations at up to 422 individual schools.
There were also a total of 764 attacks on healthcare providers in 2019 for an average of 191 per quarter.
In 2019, a total of 966 government agencies, educational establishments and healthcare providers in the U.S. were impacted by ransomware for an average of 241.5 per quarter.
While the number of successful attacks on the public sector has decreased, attacks on the private sector have remained largely unchanged during the COVID-19 pandemic.
The downward trend is continuing into the second quarter with only a relatively small number of successful attacks having occurred between April 1 and 20, with 3 attacks on government entities, 2 on educational institutions and 2 on healthcare entities.
This marked decrease in attacks can be attributed to the suspension of non-essential services during the COVID-19 pandemic as they may have effectively reduced organizations’ attack surfacing. The work-from-home aspect may also have created challenges for ransomware groups.
The decline in successful attacks, and especially attacks on healthcare providers, is obviously a positive, but the relief is likely only temporary. Once organizations resume normal operations, the number of attacks could return to their previous levels.
The reduction may also be due to the fact that many companies are financially distressed.
A recent report by Chainalysis stated that ransomware attacks or, at least, ransomware payments, have decreased significantly since the COVID-19 crisis intensified in the U.S. and Europe in early March.
Source: Read Full Article