The volume of ransomware attacks is declining, but law enforcement agencies are observing a more targeted approach from criminals seeking lucrative victims. The latest Europol report shows how companies became more exposed in 2018 and 2019.
Europol (The European Union Agency for Law Enforcement Cooperation) released its Internet Organized Crime Threat Assessment for 2019, underlining all the possible attack vectors and online dangers discovered this year. Similar to last year’s report, the chief concern is ransomware and how it affects the private sector.
In 2018, the volume of ransomware-related incidents decreased considerably, but that doesn’t mean attackers gave up – they just tightened their focus on more lucrative targets, such as companies. It’s a more complex procedure as hackers have to go through a cyber kill-chain, but they would also have a much better understanding of how much ransom a target would be willing to pay.
“The number of victims is still high, and ransomware clearly and overwhelmingly retains its position as the top cyber threat faced by European cybercrime investigators, the second most prominent threat for the private sector, and one of the most common samples submitted to the Europol Malware Analysis Solution (EMAS),” explains the Europol report.
Investigators found more than 25 families of ransomware operating within Europe alone, and many of these have been around for many years, with Dharma/CrySiS, ACCDFISA, GlobeImposter, and Rapid, to name a few. The threats change as decryptors for ransomware become available, and new versions and variants are always showing up to try to bypass upgraded protection.
While the Europol report says people are no longer the main target of these attacks, it doesn’t mean they’re completely in the clear. Users still need to be vigilant and stay safe by following a few simple rules, and the same is valid for companies as well.