Remote work sets scene for 10-fold growth in ransomware
The lockdown and remote work have created an ideal environment for a spike in ransomware, according to Kaspersky.
Speaking ahead of a cyber security threat landscape and intelligence webinar to be held in South Africa in partnership with ITWeb, Maher Yamout, senior security researcher, Global Research & Analysis Team at Kaspersky, says threat researchers have seen a dramatic increase in certain types of ransomware this year.
“The incidence of STOP ransomware, for example, has increased more than ten times in the first two quarters of this year, compared to the same period last year,” he says. “STOP propagates using cracked software adware bundles and shady Web sites. This gives us a hint as to why we have seen a spike. Cracked software seems common in South Africa and Africa, and as people moved to work remotely and used their personal devices for work, they may have tried to use cracked software. So, cyber criminals are probably exploiting this and Trojanising cracked software. This is interesting because they are not directly exploiting the pandemic, but rather the circumstances around it.”
Yamout says there has also been a dramatic rise of Pornoblocker, with an increase of around three to five times over the same period last year. This too, might be attributed to people who were bored under lockdown at home.
Cracked software seems common in South Africa and Africa, and as people moved to work remotely and used their personal devices for work, they may have tried to use cracked software.
Kaspersky believes many organisations have fallen behind in their cyber security efforts as they focused on availability in the early stages of lockdown. However, with cyber criminals increasingly taking advantage of the new environment, organisations need to focus more on cyber security, becoming more proactive in their approach.
One area in which organisations need to step up their efforts is in understanding their threat profile, intruders attempting to break in, their common techniques and what their target is in attacking an organisation.
Says Yamout: “Each threat actor group operates differently, using different tools and techniques, and each group targets specific data – some want credit card information, while others may be after sensitive information which they will broker to the highest bidder. If an organisation understands what attackers want, it is better prepared to mitigate risk.”
Kaspersky will present an overview of the 2020 threat landscape and share predictions for the rest of the year and 2021 at a webinar entitled Cyber security threat landscape and intelligence on 29 September.
Kaspersky's senior researchers and product managers will highlight changes in the threat landscape, emerging threats, and why the concepts of threat intelligence and endpoint detection and response are necessary for building a solid cyber security strategy.
For more information, and to register for this free event, click HERE.