Dive Brief:

  • Ransomware attacks increased 25% in Q1 2020 compared to Q4 2019, according to incidents recorded by Beazley Breach Response (BBR) Services, the breach response arm of cyber insurer Beazley.
  • Manufacturing was hit the hardest, seeing a 156% quarter-on-quarter increase. While vendors and managed service providers were targets before, BBR found ransomware attacks targeting service providers for financial institutions and healthcare organizations spiked.
  • In Q2, cybercriminals are ramping up phishing schemes and other tactics that seize on “the opportunities presented by the pandemic,” according to the report. Common scamming strategies include COVID-19-related information, repurposed scam templates to include COVID-19, and spoofs of leading healthcare organizations, such as Centers for Disease Control and Prevention, and the World Health Organization.

Dive Insight:

The coronavirus pandemic was the leverage cybercriminals wanted. In a pandemic, everyone is a target.

Cybercriminals are “preying on people’s heightened anxiety during this pandemic,” said Katherine Keefe, head of BBR Services, in an email to CIO Dive. Newly-remote workers “may have weaker IT security than corporate networks typically provide.”

It’s a perfect storm for malicious actors.

In March, Beazley found total ransomware attacks increased 131% from 2018 to 2019. Nearly one-third of total ransomware attacks were targeting healthcare organizations.

When a medical research firm based in the United Kingdom was on deck for COVID-19 response, it was hit by the Maze ransomware. The operators behind Maze turn encrypting data into data breaches. When the medical firm “repelled” the attacks and restored its systems, the operators published the stolen data online.

But businesses outside of healthcare are feeling the heat too.

Supply chain-style attacks tunnel ransomware through a victim to infect an extended network. In March, the ransomware DopplePaymer encrypted and then published data from a manufacturer for Tesla, Boeing and Lockheed Martin. In April, IT services provider Cognizant was hit by Maze. This month, REvil ransomware operators started auctioning off data stolen from an agricultural producer, a food distributor, and a law firm representing high-profile celebrities.

Most recently…

Read The Full Article

Leave a Reply

Check Also

Mandatory Privacy-Breach Reporting Coming to B.C. Public Sector

As of February 1, 2023, public bodies in British Columbia (B.C.) will be required to repor…