January 10, 2018
Ransomware, combined with the continued ubiquity of mass malware and non-malware attacks, is creating a vast attack surface for cyberattackers, who are getting more creative and persistent, according to a blog post by the Carbon Black Threat Analysis Unit (TAU).
To better understand the evolving attack landscape, the Carbon Black Threat Analysis Unit (TAU) launched an investigation into the current state of ransomware, malware, and non-malware attacks and found that ransomware is now estimated to be a $5 billion crime. In 2016, the estimate was $850 million. In 2015, the estimate was a mere $24 million.
Every computer protected by Carbon Black is being targeted by an attack an average of 3x per month. At the beginning of 2017, this number was less than one attack per month on average (0.7), a growth rate of 328%. Throughout 2017, there was, on average, a 13% increase per month in attacks targeting endpoints protected by Carbon Black.
52% of all attacks seen in 2017 were non-malware attacks. Malware-based attacks account for the remaining 48% of attacks. Non-malware attacks are increasing at a rate of 6.8% per month.
Ransomware most often targeted technology companies, government / non-profit organizations and legal firms in 2017.
The most common ransomware variants seen in 2017 were: Spora, CryptXXX / Exxroute, Locky, Cerber, and Genasom.
Financial organizations, healthcare providers and retail stores were the top three verticals targeted by cyberattacks leveraging malware in 2017.
The top five most seen malware families seen in 2017 were: Kryptik, Strictor, Nemucod, Emotet, and Skeeyah.