A look at the recently released cybercrime report by Malwarebytes that focuses on ransomware has some interesting takeaways:
First the United States is the target 53% of the time. Canada came in second at a distant 10%.The top 5 states targeted were in order: Texas, California, New York, North Carolina and Georgia.
The threat actors are moving from home consumer-based attacks to business-based attacks in droves. This is likely because the value of a business attack is much higher than consumers and that consumers are getting better and better at defending.
The businesses attacked are more and more commonly government, cities and municipalities, healthcare and education. Many of these are cash strapped and running on legacy infrastructure. In fact, attacks against these targets is up 300% from 2017 until now.
One of the most interesting facts found is that consistently newer ransomware is using older infections that it can detect as markers for potential targets. So, your past cleanup efforts matter.
What does this mean for businesses? Well since the ransomware is constantly evolving, we need to be evolving our tactics for prevention, detection, response and recover. We cannot be complacent and assume that our past prevention methods will always work. We must go through the ‘what if’ scenarios in order to have a comprehensive plan for dealing with the unknown or unseen.
The enemy is wise and we need to keep on our toes to stay one step ahead of them.