Positive Technologies: Ransomware Attacks Hit “Stratospheric” Levels

Ransomware attacks are hitting “stratospheric” levels, accounting for 69 percent of all malware-based strikes. According to Positive Technologies’ “Cybersecurity Threatscape: Q2 2021” report, “deep research” into the cybersecurity landscape indicates new evolution in attack strategies, as well as a rise in malware created to specifically target Unix-based systems.

Research indicated a dramatic sequential rise in attacks on government institutions (20 percent, up from 12 percent in Q1). Positive’s Expert Security Center also recorded new threats such as B-JDUN, a remote-access Trojan used in attacks on energy companies, and Tomiris, malware that gains persistence and sends encrypted information about the workstation to an attacker-controlled server.

Positive noted only a 0.3 percent sequential rise in overall attacks, following largely concerted organizational efforts to secure the network perimeter and remote-access systems. At the same time, however, ransomware jumped by 45 percent in April alone.

The group also noted a ban by “Dark Web forums” on publishing posts regarding ransomware operator partner programs, indicating that ransomware operators may ultimately assemble and supervise their own distributor teams.

“We’ve got used to the idea that attackers distributing malware pose a danger to Windows-based systems,” said Yana Yurakova, Information Security Analyst, Positive Technologies. “Now we see a stronger trend of malware for attacks on Unix systems, virtualization tools, and orchestrators. More and more companies, including larger corporations, now use Unix-based software, and that’s why attackers are turning their attention to these systems.”

Other findings included:

  • Malware attacks up 30 percent year over year.
  • “Sharp” decreases in attacks with “Web skimmers.”
  • Increases in social engineering attacks that target retail environments (53 percent), versus Q1 2021 (36 percent).