Infoblox identifies the biggest malware campaigns of Q2 2021

Infoblox and its Cyber Intelligence Unit (CIU) have released the latest iteration of the company’s quarterly Cyber Threat Intelligence Report. Incorporating detailed analysis of advanced malware campaigns and significant attacks which took place between 1st April 2021 and 30th June 2021, the report delves into the staggering growth in ransomware attacks as well as potential mitigation steps.

  • Saturday, 7th August 2021 Posted 3 years ago in by Phil Alsop

Key findings include:  

 

1.     Ransomware now presents one tenth of all cyber attacks

In an expanded view of ransomware, the report points out that approximately 10 percent of all breaches now involve ransomware. The impact and expense of successful ransomware attacks can be crippling to organisations and the recent attacks on JBS and Colonial Pipeline have brought focus to the danger of increasingly sophisticated ransomware campaigns. 

2.     Payouts for ransomware attacks reach over $370 million in cryptocurrency 

Research shows that the estimated payments in 2020 associated with ransomware have been estimated to be about $370 million in cryptocurrency. However, the total damage associated with ransomware is estimated to be much higher than the cryptocurrency payouts alone — reaching up to $20 billion.  

3.     Ransomware-as-a-Service continues to rise 

As many potential bad actors lack the skills to build and launch their own ransomware attacks, there has been an increase in the use of Ransomware-as-a-Service (RaaS). An example of it is DarkSide, a group and a ransomware that is available as RaaS, where the ransomware software developers, for a price, provide the malware to affiliate organisations that deploy it.  

4.     Risk mitigation remains key protection technique  

In order to mitigate the risk of a successful ransomware attack, organisations should require multi-factor authentication for access to IT assets and applications and re-validate authentication every time access is required for a new session. They should also use spam filters to prevent phishing emails and executable files from reaching end users as this can stop many known malicious URLs early in the attack chain. Training of users on handling phishing emails should become a priority as bad actors often obtain access through users who visit malicious websites, open malicious attachments, or enable macros in Microsoft Office attachments.