The volume of ransomware attacks is declining, but law
enforcement agencies are observing a more targeted approach from criminals seeking
lucrative victims. The latest Europol report shows how companies became more
exposed in 2018 and 2019.
Europol (The European Union Agency for Law Enforcement
Cooperation) released its Internet Organized Crime Threat Assessment for 2019, underlining
all the possible attack vectors and online dangers discovered this year.
Similar to last year’s report, the chief concern is ransomware and how it
affects the private sector.
In 2018, the volume of ransomware-related incidents
decreased considerably, but that doesn’t mean attackers gave up – they just tightened
their focus on more lucrative targets, such as companies. It’s a more complex
procedure as hackers have to go through a cyber kill-chain, but
they would also have a much better understanding of how much ransom a target
would be willing to pay.
“The number of victims is still high, and ransomware
clearly and overwhelmingly retains its position as the top cyber threat faced
by European cybercrime investigators, the second most prominent threat for the
private sector, and one of the most common samples submitted to the Europol
Malware Analysis Solution (EMAS),” explains the Europol report.
Investigators found more than 25 families of ransomware operating
within Europe alone, and many of these have been around for many years, with
Dharma/CrySiS, ACCDFISA, GlobeImposter, and Rapid, to name a few. The threats change
as decryptors for ransomware become available, and new versions and variants
are always showing up to try to bypass upgraded protection.
While the Europol report says people are no longer the
main target of these attacks, it doesn’t mean they’re completely in the clear.
Users still need to be vigilant and stay safe by following a few simple rules, and
the same is valid for companies as
well.