Infoblox identifies the biggest malware campaigns of Q2 2021

Infoblox and its Cyber Intelligence Unit (CIU) have released the latest iteration of the company’s quarterly Cyber Threat Intelligence Report. Incorporating detailed analysis of advanced malware campaigns and significant attacks which took place between 1st April 2021 and 30th June 2021, the report delves into the staggering growth in ransomware attacks as well as potential mitigation steps.

  • 3 years ago Posted in

Key findings include:  

 

1.     Ransomware now presents one tenth of all cyber attacks

In an expanded view of ransomware, the report points out that approximately 10 percent of all breaches now involve ransomware. The impact and expense of successful ransomware attacks can be crippling to organisations and the recent attacks on JBS and Colonial Pipeline have brought focus to the danger of increasingly sophisticated ransomware campaigns. 

2.     Payouts for ransomware attacks reach over $370 million in cryptocurrency 

Research shows that the estimated payments in 2020 associated with ransomware have been estimated to be about $370 million in cryptocurrency. However, the total damage associated with ransomware is estimated to be much higher than the cryptocurrency payouts alone — reaching up to $20 billion.  

3.     Ransomware-as-a-Service continues to rise 

As many potential bad actors lack the skills to build and launch their own ransomware attacks, there has been an increase in the use of Ransomware-as-a-Service (RaaS). An example of it is DarkSide, a group and a ransomware that is available as RaaS, where the ransomware software developers, for a price, provide the malware to affiliate organisations that deploy it.  

4.     Risk mitigation remains key protection technique  

In order to mitigate the risk of a successful ransomware attack, organisations should require multi-factor authentication for access to IT assets and applications and re-validate authentication every time access is required for a new session. They should also use spam filters to prevent phishing emails and executable files from reaching end users as this can stop many known malicious URLs early in the attack chain. Training of users on handling phishing emails should become a priority as bad actors often obtain access through users who visit malicious websites, open malicious attachments, or enable macros in Microsoft Office attachments.  

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...