By 2018, the number of ransomware attacks had begun to fall off while hackers found new tools to attack with, shifting toward cryptojacking, credential theft, and trojan malware.
Granted, ransomware attacks didn’t fade completely from the picture in 2018, but they were overshadowed by the emergence of new attack vectors. Unfortunately, according to data collected by McAfee Labs, and published in their August 2019 Threat Report, Ransomware is back with a vengeance.
Christopher Beek, a lead scientist at McAfee had this to say about the report:
“After a periodic decrease in new families and developments at the end of 2018, the first quarter of 2019 was game on again for ransomware, with code innovations and a new, much more targeted approach.”
The dramatic increase in ransomware attacks is being driven primarily by three families of ransomware: Ryuk, GrandCrab, and Dharma.
Ryuk is a scary bit of code that has been used to lock down entire large corporations and government agencies. It was originally credited to North Korea, but subsequent research points to the malware as being the work of a highly sophisticated cybercrime syndicate, rather than the product of a nation-state.
GrandCrab is a relatively new arrival on the ransomware scene, first emerging in 2018. Often described as one of the most aggressive families of ransomware, the original authors of the code have leased it out to other hackers around the world in exchange for a cut of the profits.
Dharma is the oldest family of the big three, first emerging on the scene in 2016. Originally, it was an offshoot of another, even older ransomware family known as Crysis. However, since branching off, it has become a potent threat in its own right, and the hackers who control the code regularly release new updates and continue to enhance its capabilities.
All that to say, it’s too soon to breathe a sigh of relief where ransomware is concerned. It’s back in 2019, and it’s back with a vengeance.