The Latest Zix News
Product and Solution Information, Press Releases, Announcements
|Ransomware Overtook Banking Trojans In H1 2019 Email Malware Campaigns|
|Posted: Tue Aug 13, 2019 01:58:29 PM|
On July 24, Louisiana Governor John Bel Edwards issued a statewide emergency declaration after a ransomware attack affected several local government agencies. Those victimized organizations included school systems in Sabine, Morehouse and Ouachita. In response, Edwards said the state would begin working with digital security experts at the Louisiana National Guard, Louisiana State Police, the Office of Technology Services and other entities to help the affected organizations recover and prevent additional data loss.
The attack described above is just the latest in a string of campaigns that have contributed to a rise in ransomware’s prevalence this year. Indeed, the Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report observed a 195 percent increase in business detections of ransomware from Q4 2018 to Q1 2019. Similarly, Beazley documented a 105 percent rise in the number of ransomware attack notifications it received between the first quarter of 2018 and one year later. These attacks evolved over that course of time, Beazley found, in that they began targeting larger organizations and demanding higher ransom amounts.
These trends beg the question: how have ransomware stacked up against other digital threats thus far in 2019? Specifically, how have they fared against banking trojans, threats which according to multiple accounts dominated the threat landscape in 2018?
AppRiver examined these and other questions in its Global Security Report: Mid-Year 2019. In the report, AppRiver analysts say the company’s Advance Email Security filters had quarantined more than 124 million emails with malware attached throughout the first six months of 2019. These emails, which put AppRiver on a track similar to the total number of malicious emails it saw the previous year, indicated a shift from banking trojans to ransomware infections. Many of these attempted ransomware attacks occurred within the context of chained malware infections, campaigns which used a dropper a to execute a ransomware binary as a second-stage payload.
Not surprisingly, a few of these ransomware attacks in the first half of 2019 made headlines. Presented below are five such infections that stood out to AppRiver:
These attacks, when coupled with AppRiver’s findings, underscore the importance of organizations taking steps to prevent a ransomware infection. To succeed in this regard, they should use an advanced email threat protection solution such as ZixProtect to analyze multiple characteristics of incoming email in real-time, all while allowing legitimate emails to find their way to their intended destinations.