Analysis: 740 organizations faced ransomware attacks and had their data posted to leak sites in Q2 2021, up 47% QoQ; attacks on retail sector grew 183% QoQ (Analysis Qoq Qoqgreigzdnet)

Analysis Qoq Qoqgreigzdnet: Ransomware-as-a-service is booming as cybercriminals monetize their malware attacks. Per Webroot, attackers are hard at work to exploit the flaws in older versions of software like JBoss, Apache Struts and Drupal. In a recent report, 740 organizations faced ransomware attacks and had their data posted to leak sites in Q2 2021. That’s up 47% from QoQ and 183% from Q1 2021. The attacks targeting the retail industry also grew, up 30% QoQ and 60% YOY.

“Ransomware attacks have evolved into a commodity cybercriminal activity, and the latest statistics from Webroot’s Threat Intelligence Center show that this is not slowing down,” said Ashish Verma, vice president of product management at Webroot. “We have been monitoring these threats for years, but we haven’t seen many organizations catching up to new trends in the cybercrime ecosystem. In Q2, we’ve seen malicious emails and malware that use ransomware become a mainstay in cybercrime campaigns. We saw the attackers stop using the ‘ransom’ word and start using different names, but the attacks themselves are very similar.”

In addition to growing threats in traditional attack methods like phishing, spear phishing and drive-by downloads, Webroot tracked two new trends: ransomware attacks leveraging old vulnerabilities in JBoss, Apache Struts and Drupal. These attacks help exploit weaknesses in older versions of these software products. And attackers are switching their focus to the retail industry.

“The data we’re seeing here is dramatic, and it’s not just a one-quarter spike, it’s a trend that is continuing,” said Jamie Miller, lead threat intelligence analyst at Webroot. “We’ve been tracking this as a trend for years now, but we haven’t seen many organizations catching up with these new trends in the cybercrime ecosystem. In Q2, we’ve seen malicious emails and malware that use ransomware become a mainstay in cybercrime campaigns. We saw the attackers stop using the ‘ransom’ word and start using different names, but the attacks themselves are very similar.”

These trends are just two of the many ways that cybercriminals exploit flaws in older versions of software to infect endpoints with new ransomware variants. And these attacks are just getting started. A recent report by Neopost concluded that ransomware attacks in the US will increase 352% by 2020. With major security holes in many software products and a growing supply of ransomware-as-a-service kits, Webroot expects to see these trends continue to grow over the next year.

Webroot has been tracking the growing proliferation of ransomware-as-a-service since 2016. The latest report builds on a previous version that was published in late 2017, which showed that cybercriminals have steadily grown the ways they monetize ransomware. Webroot’s report also includes some of the following key findings:

In Q2 2021, attacks leveraging old vulnerabilities in JBoss grew 176% QoQ and attacks using Drupal grew 40% QoQ.