Ransomware Attacks Are Way Down in the Midst of COVID-19

Published at: April 21, 2020

An April 21 report by malware lab Emsisoft showed that there was a significant drop in the number of successful ransomware attacks on the US public sector during Q1 2020.

The findings show a total of 89 organizations were victims of ransomware in the first quarter of the year. And as the COVID-19 crisis deepened, successful attacks fell even lower, to levels "not seen in several years."

Government entities were attacked less frequently, with those numbers going down from 19 in January to just seven in March. The same was mostly true for education: ten successful attacks in January, 14 in February and 2 in March. Healthcare went from having 10 attacks in January to finishing the quarter with just three in March.

The downward trend is continuing into Q2. Only seven successful attacks have been logged between April 1 and April 20.

It’s all about the COVID-19 crisis

As Emsisoft details, such a decrease can be readily attributed to the COVID-19 pandemic. The suspension of non-essential services around the world readily reduces an organization’s attack vectors.

Even though working from home has the potential for employees to leave their organizations vulnerable in terms of cybersecurity, Emsisoft says this has "paradoxically" posed new challenges for hackers at the same time.

Speaking with Cointelegraph, Emsisoft threat analyst Brett Callow explained those challenges:

“When setting up their infrastructure to support working from home, organizations may have taken the opportunity to bolster security around remote access, which is something that attacks frequently exploit to gain access to corporate networks. Further, it’s very obvious to ransomware attackers that they’ve got a potentially valuable target when they hit a corporate endpoint. It may however be less obvious when they hit a personal device that an employee is using while working remotely, and which is only connected to corporate resources on an intermittent basis. “

Emsisoft clarifies that this ransomware relief is likely only "temporary.” The company’s CTO Fabian Wosar said:

"Companies are hurting financially and many are reliant on government support programs for their survival. I fully expect that some of the companies hit by ransomware in the coming weeks will fail; attacks will be the straw that broke the camel's back."

Tags
Related Posts
City’s Ransomware Denials Exposed, Still Faces 100 BTC Demand
A ransomware gang has published personal and financial data from the Californian City of Torrance online — and threatened to reveal 200GB more unless their demands are met. Calling themselves DoppelPaymer, the ransomware gang has demanded 100 Bitcoin (BTC) — worth around $700,000 — in exchange for not releasing any more files stolen in the March 1 cyberattack. The cyberattack erased the City's local backups and encrypted approximately 150 servers and 500 workstations. The release of the data is embarrassing for City officials who claimed that no private data from its 145,000 residents had been compromised in the attack. To …
Technology / April 23, 2020
Crypto in the crosshairs: US regulators eye the cryptocurrency sector
In her monthly Expert Take column, Selva Ozelli, an international tax attorney and CPA, covers the intersection between emerging technologies and sustainability, and provides the latest developments around taxes, AML/CFT regulations and legal issues affecting crypto and blockchain. Lately, news headlines are focused on regulators’ concerns over the lack of investor protections in the cryptocurrency market, which has ballooned to more than $2 trillion, and the possible risks to financial stability. National security agencies across the administration of United States President Joe Biden are grappling with high-profile cases of cryptocurrencies playing a role in ransomware attacks, intellectual property espionage, sanctions …
Regulation / Oct. 24, 2021
The IRS offers a $625,000 bounty to anyone who can break Monero and Lightning
The United States Internal Revenue Service has offered a bounty of up to $625,000 to anyone who can break purportedly untraceable privacy coins such as Monero (XMR) as well as trace transactions on Bitcoin’s (BTC) Lightning Network. The official proposal, published last week, says the IRS will accept submissions in the form of working prototypes until Sept. 16. If accepted, applicants will receive an initial payment of $500,000. This grant will allow applicants to develop their prototype into a working concept over the next eight months. Once the pilot test is completed and approved by the government, a further $125,000 …
Technology / Sept. 11, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Celebrities May Have Their Dirty Secrets Exposed if Crypto Ransom Is Unpaid
The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery. Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000. Two days …
Technology / June 24, 2020