Home Scholarly articles Ransomware on target for 150% increase this year

Ransomware on target for 150% increase this year


Data security

Ransomware on target for 150% increase this year

No more bad news on the data security front. Both ransomware and fileless malware are on the rise this year.

According to the new press release Q2 2021 Internet Security Report from WatchGuard Technologies, in the first six months of 2021, ransomware attacks were already almost the total volume of the previous year and are expected to increase by 150% by the end of the year. According to WatchGuard: “While the total number of ransomware detections on the device was on a downward trajectory from 2018 to 2020, this trend came to a halt in the first half of 2021, when the six-month total ended just in below the year’s total for 2020. If daily ransomware detections remain unchanged through 2021, this year’s volume will reach an increase of over 150% from 2020. “

Fileless malware – malware from script engines, such as PowerShell – is growing at an even faster rate and is set to double the 2020 total this year. AMSI.Disable.A is one such type of malware on the rise. According to WatchGuard: “AMSI.Disable.A first appeared in WatchGuard’s Top Malware section in Q1 and immediately rose for this quarter, reaching No. 2 in volume and No. 1 in volume. set of encrypted threats. . This malware family uses PowerShell tools to exploit various vulnerabilities in Windows. But what makes her particularly interesting is her avoidance technique. WatchGuard has discovered that AMSI.Disable.A uses code capable of disabling the Antimalware Scanning Interface (AMSI) in PowerShell, allowing it to bypass script security checks with its undetected malware payload. “

Other findings of the report include:

  • A whopping 91.5% of all malware has arrived over an encrypted connection. “Simply put, any organization that doesn’t examine perimeter encrypted HTTPS traffic is missing 9/10 of all malware,” according to WatchGuard.

  • Network attacks increased 22% in the quarter, reaching the highest level since 2018. “The first quarter saw nearly 4.1 million network attacks. In the following quarter, this number has jumped by another million – forging an aggressive course that highlights the growing importance of maintaining perimeter security alongside user-centric protections.

  • Microsoft Office continues to be a popular attack vector. WatchGuard reported a new RCE 2017 vulnerability that debuted in the second quarter as Network Attack # 1. “While this may be an old exploit and fixed in most systems (hopefully), the ones that haven’t been fixed yet are about to wake up abruptly if an attacker is able to. ‘get there before them. “

  • In addition to the RCE 2017 vulnerability, two other top 10 network attacks exploited older vulnerabilities, according to the report: a “2011 Oracle GlassFish Server [and] a 2013 SQL injection flaw in the OpenEMR medical records application…. “

The report was based on “anonymized Firebox feed data from active WatchGuard Fireboxes whose owners have chosen to share data to directly support Threat Lab research efforts.” In the second quarter, WatchGuard blocked a total of over 16.6 million malware variants (438 per device) and nearly 5.2 million network threats (137 per device). “

The entire Q2 2021 Internet Security Report available with free registration on Watchguard website. (An abstract is available without registration.)

About the Author

David Nagel is Editorial Director of 1105 Media’s Education Technology Group and Editor-in-Chief of The newspaper and STEAM universe. A 29-year publishing veteran, Nagel has edited or contributed to dozens of technological, artistic and business publications.

He can be contacted at [email protected]. You can also connect with him on LinkedIn To or follow him on Twitter at @THEDavidNagel (K-12) or @CampusTechDave (Higher Education).