The firm observed that at least 174 municipal institutions, have been targeted by ransomware during the last year
Cyber security firm Kaspersky’s researchers have finally released their annual security bulletin titled ‘Story of the Year 2019’. In the report the researchers focused on the rising trends in Ransomware, particularly worrying in their increasing attacks on municipal institutions.
The firm observed that at least 174 municipal institutions, with more than 3,000 subset organizations, have been targeted by ransomware during the last year. This represented a 60 per cent increase at least, from the figure in 2018.
Judging by publicly available information, the ransom amounts varied greatly, reaching up to 53,00,000 USD and 10,32,460 USD on average. However, they also said that the the final costs of an attack are much more, as the long-term consequences and damages from the attach are estimated to be larger
The malware that was most often cited as a culprit varies too, yet three families were named as the most notorious, by Kaspersky researchers: Ryuk, Purga and Stop. Ryuk appeared on the threat landscape more than a year ago and has since been active all over the world, both in public and in the private sector. Its distribution model usually involves delivery via backdoor malware which in turn spreads by the means of phishing with a malicious attachment disguised as a financial document. Purga malware has been known since 2016, yet only recently municipalities have been discovered to fall victims to this trojan, having various attack vectors – from phishing to brute force attacks. Stop cryptor is a relative novice as it is only one year old. It propagates by hiding inside software installers. This malware has been popular, number seven in the top 10 most popular cryptors ranking of Q3 2019.
Ransomware is a notorious headache for the corporate sector, affecting businesses around the world for a number of years. As if that wasn’t enough, 2019 has seen the rapid development of an earlier trend, where malware distributors have targeted municipal organizations. Researchers note that while these targets might be less capable of paying a large ransom, they are more likely to agree to cybercriminals’ demands. Blocking any municipal services directly affects the welfare of citizens and results, not only in financial losses but other socially significant and sensitive consequences.
To avoid such malware infiltrating organisations, Kaspersky has the following recommendations:
- It is essential to install all security updates as soon as they appear. Most cyberattacks are possible by exploiting vulnerabilities that have already been reported and addressed, so installing the latest security updates lowers the chances of an attack
- Protect remote access to corporate networks by VPN and use secure passwords for domain accounts.
- Always update your operating system to eliminate recent vulnerabilities and use a robust security solution with updated databases
- Always have fresh back-up copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on the physical object but also in cloud storage for greater reliability
- Remember that ransomware is a criminal offence. You shouldn’t pay a ransom. If you become a victim, report it to your local law enforcement agency.
- Educating the staff in cybersecurity hygiene is necessary to prevent attacks from happening.
- Use a security solution for organisation to protect business data from ransomware
- One can enhance their preferred third-party security solution