Skip to content

Why Are Ransomware Attacks A Continued Threat?

Why Are Ransomware Attacks A Continued Threat?

Some might say that ransomware is the biggest cybersecurity threat out there. Those people wouldn’t be far off the mark because it has definitely become one of the largest thorns in the sides of cybersecurity professionals and private individuals alike. As this problem grows worse and worse with every passing year, you would think that people would learn to defeat it more easily. Although methods have been developed and disseminated, ransomware is still a big threat. As such, it is likely to continue being a threat well into the coming year and beyond. But why is this the case?

Our Primary Source

To get a professional opinion on this matter, let’s turn to a 2020 state-of-malware report by Malwarebytes. Malwarebytes is a company that makes various types of antivirus/security software, and they are one of the more respected ones. We chose this as our primary source because we need up-to-date information here. Let’s unpack some of the key takeaways from this report one by one. It should be noted that this report mainly covers information from 2019, as it was published early in 2020.

The Education Sector Is Seeing Fewer Attacks

Based on our data, the education sector has seen fewer ransomware attacks than in 2018, and the difference has been pretty large. The report says that schools are beginning to get a little wiser about this threat, but we aren’t so sure about that. Most schools simply don’t have the funding or the expertise to defeat this kind of problem, so we suspect that hackers are looking for more lucrative targets. Also, it is worth noting that the “Wannacry” ransomware was still listed as the #5 threat to the education sector.

Hackers Are Mostly Targeting Businesses

When it comes to ransomware, hackers seem to prefer focusing on high-value business targets. The report indicates that attacks on normal “consumers” are down while attacks on businesses have jumped higher than ever. The numbers for 2019 were quite similar to those from 2017 and 2018, although slightly higher. This ties in with what we were saying in the previous section because it shows that the ransomware threat is becoming more dangerous. The more they get away with this stuff, the more brazen and emboldened they will become. The more brazen they become, the more likely they are to attack big targets.

Methods Of Attack Are More Diverse Than Ever

As you may know, ransomware attacks typically begin with a phishing email or something similar. In the past, these attacks followed a definite pattern, but that pattern is beginning to disappear. The new methods involve things like exploit kits, botnets, hacking tools, and manual infection. There are also some ransomware attacks that make use of bugs and vulnerabilities in common software. For instance, some types have been known to attack Windows’ remote desktop protocol as a way to covertly take control of the system. Thankfully, this method only works on older versions of Windows.

Ransomware Software Is Evolving

Although the report contains references to some of the older and more well-known ransomware strains (like Wannacry), we mainly see a lot of growth in newer forms of malware. For instance, Ryuk (another type of ransomware) saw an 88% increase in usage over the course of 2019. Phobos (another variant) saw even greater growth, with its usage increasing by 940%. Rapid ransomware seems to have increased its presence by 319%, while newcomer GandCrab rose by just 5%. Still, we can see that all these numbers are going up at a rapid pace. Here’s the worst part: These numbers only account for those cases in which the business was able to detect the malware.

Ransomware Is Being Used In Combination With Other Malware

The report speaks of a “triple threat,” wherein three types of malware are used at once. The primary payload is the ransomware itself, obviously. The other two programs are called Emotet and Trickbot. Emotet is a trojan that mainly spreads itself through spam emails, while Trickbot is a piece of well-known botnet software. The people at Malwarebytes say that they have seen this combination being used very frequently in the last few years. It seems that the combination of ransomware, a trojan, and a botnet are perniciously effective.

The United States, Canada, And The UK Remain Top Targets

It would seem that these three countries are the ones most likely to be targeted. This probably has to do with the fact that there is more economic wealth in these countries than most others, although cultural and social factors might also play a role. The U.S. accounted for about 53% of all detections, making it the leader by a long shot. Canada came in second with 10%, followed closely by the United Kingdom (with 9%).

Many Industries Are Not Prepared For This

A data breach is kind of like a car accident: It never seems real until it happens to you. This is apparently a big factor because companies continue getting caught unprepared for a ransomware attack. Indeed, that is probably the reason why so many of them succeed. Outdated hardware, outdated software, lack of security funding, and poor tech infrastructure were listed as several of the primary reasons for this fact.


As you can see, the danger of ransomware doesn’t appear to be going anywhere. Although many researchers thought that the peak of this malware had passed back in 2017, all the numbers seem to indicate a steep comeback. As such, the cybersecurity industry will need to step up its game in order to meet this threat. Of course, one of the best ways to protect yourself is by employing the services of a good IT computer services provider. If you have found yourself asking, “what are the best managed IT services near me?” then you should call PCH Technologies at (856) 754-7500.