Rise in ransomware attacks aimed at vulnerable industries

The number of businesses being impacted by ransomware in the industries that are most susceptible to this type of cyber attack has risen by a third, according to figures published by PhishLabs this week.

The Register reports that small businesses are particularly susceptible to ransomware, which is why the gangs running these malicious campaigns are turning their attention to firms that come from a sector with a track record for paying out in the event of a successful breach.

Public sector departments, healthcare bodies and educational institutes are also on the hit list of hackers, with cybercriminals profiting from the eagerness to regain access to mission-critical data which exists within all of these organisations.

Ransomware which infects devices and encrypts files, preventing access to them until a fee is paid, is now the most popular type of malware included as part of phishing scams. The reasons for its rise to prominence are that it is simple to use and can generate a lot of cash for the gangs.

Interestingly, the report also outlines the fact that there are peaks and troughs in the use of ransomware throughout the course of the year, with major political upheaval resulting in rapid rises in the number of incidents recorded. In the aftermath of the Brexit vote in 2016, for example, there was a rash of ransomware attacks against businesses across the UK, as well as an increase in traditional hacking activities.

Almost two thirds of the phishing sites that scammers use to perpetuate ransomware infections are hosted on servers housed in the US. However, analysts have noted a shift in this industry from North America towards Eastern Europe, as cybercriminals change their tactics and seek to operate in countries where there is the least chance of legal ramifications for their actions.

As well as harnessing phishing sites to trick users into allowing ransomware onto devices and systems, gangs are also exploiting the ways in which access to modern IT services is managed to gain the upper hand.

Since most solutions rely on an email address to act in place of a user name, it is easy for third parties to gain knowledge of genuine login credentials and then exploit this information across multiple platforms, causing havoc. And since these credentials are often reused again and again, crooks can build huge databases from which further attacks can be facilitated.

While businesses working in the finance sector, as well as public sector tax authorities, are currently being prioritised by those responsible for phishing scams who want to turn a major profit, experts believe that change is coming to this black market industry. It is expected that cloud computing providers will increasingly be targeted as criminals seek access to even more illicitly gained information and income.

The fact that it has been possible for hackers to identify specific industries which contain organisations that will have an increased likelihood of submitting to demands for data ransoms should be alarming. Concerns should also be raised by the fact that there is an upward trend for this type of attack.

Businesses being willing to pay for cybercriminals to decrypt data and relinquish the stranglehold they have on entire IT systems is not surprising. Without access to this information, modern organisations cannot function and could easily crumble in the face of a persistent attack.

This should cause companies to seek to raise awareness about the prevalence of phishing attacks, especially those operating in the industries that are seen as soft targets, or else this problem will only continue to expand its influence.