During the third quarter of 2018 ransomware attacks were at an all-time high and the ransoms asked from organizations to decrypt the locked files were also on the rise according to a report from Beazley Breach Response (BBR) Services.
According to their analysis, the number of ransomware attacks more than doubled during September when compared to the ransomware incidents detected during August.
This is entirely unexpected given that throughout 2018 the number of ransomware events has been closely following the 2017 trend, with no spikes and no out of the ordinary stats.
"Healthcare is still the most targeted industry (37%). The next hardest hit sector was professional services (11%)," says BBR's report. "In Q3, financial institutions saw an 18 percentage points increase in ransomware attacks over the previous quarter."
Among all ransomware affecting organizations worldwide, the BitPaymer and Ryuk strains were the ones that generated the highest value ransoms, with some demands rising as high as $2.8 million.
SMBs were affected by 71% of all ransomware attacks during Q3 2018
Beazley Breach Response Services also concluded that on most systems compromised by ransomware, the attackers have also dropped banking trojans which allow for banking and login credential exfiltration.
Although decrypting data locked in ransomware attacks becomes harder as this type of malware strain evolves, there are incidents when recovering the data is impossible because of strains which contain encryption errors and poorly coded functionality.
As Winston Krone, global managing director of Kivu Consulting says, there is "a sharp increase in ‘bad’ ransomware strains – where the malware carries out the encryption but has poor functionality, fatally corrupts substantial portions of the victim’s data, fails to decrypt properly after payment of a ransom, or is favored by volatile, unskilled attackers who are unable to troubleshoot decryption issues."
Out of all ransomware attacks recorded and analyzed by RBR during Q3 2018, small and medium-sized businesses were the ones impacted by the vast majority of cases with 71% of them going through at least one such event.