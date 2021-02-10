What we were able to predict seems to be confirmed in the latest report from Anssi (National Agency for the Security of Information Systems): In 2020, the number of ransomware in public or private institutions increased by 255%. In this report, titled “Ransomware Threat Study”, we can read that some sectors are more affected than others. This is the case, for example, with technology companies or in the education or health sector.

More and more ransomware and new trends are emerging

This study is a true resource for cybersecurity professionals. For example, we see that most ransomware programs are managed through phishing emails. Anssi explains: “The youngest include Egregor, RagnarLocker and Ranzy. It is not uncommon for these emails to distribute an initial loader-type payload which, once propagated across the network, is responsible for delivering the final payload, which is the ransomware. “

Note that 2020 saw three main cybersecurity trends: “Big Game Hunting”, “Ransomware-as-a-Service” (RaaS), and “Double Extortion”. To sum up, the first trend means that hackers are preparing months in advance before attacking. The second trend is a worrying trend that indicates that more and more ransomware is becoming available on the dark internet. Finally, the third trend, known as “double blackmail,” means hackers put pressure on their victims by stealing sensitive information that can easily be shared on the internet.

Certain sectors are more targeted than others

The conclusion of the report shows a 255% increase in ransomware … Let’s take some recent examples: In January 2021, the metropolis of Angers was hit by ransomware, which paralyzed the entire computer park of the municipal services. In October 2020, a Finnish company that operates 25 psychotherapy centers was also the victim of a group of hackers who managed to steal thousands of patient records. Finally, in July 2020, the Orange Business Services division was also targeted.

Certain sectors are more and more affected than others: the education sector, for example, is a privileged target for hackers. In the United States, it is the second most sought-after sector by hackers after local communities. As the Anssi report explains, it is difficult to accurately gauge the gains made by attackers. The agency nevertheless estimates that the revenues are in millions of euros.

In any case, it is certain that cyber attacks cost victims money. Whether it is extortion, loss of business, or a temporary inability to perform normal administrative services, victims risk a lot. In the published study we can read: “Sopra Steria, victim of Ryuk in October 2020, managed to estimate his losses at around 50 million euros.” Since its debut in 2018, the hackers behind the Ryuk ransomware have reportedly amassed € 135 million …