Global ransomware attacks on the rise – report

Ransomware attacks have increased by 24% in Q2 of 2022 according to the latest threat report by digital security specialist Avast.

The research found that after months of decline, global ransomware attacks increased significantly in Q2 2022, up 24% from the previous quarter, with the highest quarter-on-quarter increases in ransomware risk ratio occurring in Argentina (56%), UK (55%), Brazil (50%), France (42%), and India (37%).

Jakub Kroustek, malware research director at Avast, said: “Consumers, but especially businesses, should be on guard and prepared for encounters with ransomware, as the threat is not going anywhere anytime soon.

“The decline in ransomware attacks we observed in Q4 2021 and Q1 2022 were thanks to law enforcement agencies busting ransomware group members, and caused by the war in Ukraine, which also led to disagreements within the Conti ransomware group, halting their operations. Things dramatically changed in Q2 2022. Conti members have now branched off to create new ransomware groups, like Black Basta and Karakurt, or may join other existing groups, like Hive, BlackCat, or Quantum, causing an uptick in activity.”

In its latest report, Avast also welcomed the decision by Microsoft to block VBA macros by default in Office applications. It says macros have been a popular infection vector for decades and were used by threats including remote access trojans like Nerbian RAT, a new RAT written in Go that emerged in Q2 2022, and by the Confucius APT group to drop further malware onto victims’ computers.

Kroustek said: “We have already noticed threat actors beginning to prepare alternative infection vectors, now that macros are being blocked by default. For example, IcedID and Emotet have already started using LNK files, ISO or IMG images, and other tricks supported on the Windows platform as an alternative to maldocs to spread their campaigns.

“While cybercriminals will surely continue to find other ways of getting their malware onto people’s computers, we are hopeful that Microsoft’s decision will help make the internet a safer place.”

    Share Story:


Modelling and measuring transition and physical risks
CIR's editor, Deborah Ritchie speaks with Giorgio Baldasarri, global head of the Analytical Innovation & Development Group at S&P Global Market Intelligence; and James McMahon, CEO of The Climate Service, a S&P Global company. April 2023

Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.