According to a study by cybersecurity company Emsisoft, in 2019, ransomware attacked an unprecedented number of U.S. government agencies, healthcare providers and educational institutions. At least 966 organizations were attacked, and ransomware received ransoms of $ 7.5 billion, including in cryptocurrencies.
Between January and April 2020, the number of successful attacks on public sector facilities decreased month after month as the coronavirus pandemic worsened. However, as the researchers note, the trend is changing again and the number of successful ransomware viruses is starting to grow again. This may be due to the abolition of restrictions or just a seasonal surge.
According to Emsisoft, during the first and second quarters, at least 128 US government organizations, medical service providers, and educational institutions were affected by ransomware. The most attacks were carried out in January and February – 39 and 38 incidents, respectively, and the least in March and June – 12 and 14 attacks, respectively.
The report said that other researchers have repeatedly pointed out that the US public sector has poor protection against cybercrime. Emsisoft notes that the situation should change, since such attacks with the demand for a ransom in cryptocurrencies are not only expensive, but also accompanied by data leaks.
“Since November last year, an ever-growing number of hacker groups, including DoppelPaymer, REvil / Sodinokibi and NetWalker, have been stealing data before encrypting it. If the target refuses to pay the ransom, the stolen data is published or put up for auction, ”the researchers note.
Emsisoft claims that data was stolen this year from at least five government agencies and three universities, including a state research university actively involved in COVID-19 research. Unless steps are taken to immediately improve security, data will inevitably be stolen from other organizations and made publicly available.
“2020 should not be a repeat of 2019. Adequate investment in people, processes, and IT will significantly reduce the number of ransomware incidents, and the attacks that occur will be less serious, disruptive, and costly, ”said Emsisoft CTO Fabian Wosar.
The other day it became known that the new Avaddon ransomware virus is spreading through Excel macros, and the new virus starts 32 streams at once to encrypt files.