March 31, 2021 3:51:37 pm
There has been a shift in the direction of ransomware attacks this year due to the vulnerabilities found in the Microsoft Exchange Server that affected organisations worldwide. As per Check Point Research (CPR), instead of making healthcare sector their usual target to ask for ransom during Covid-19 pandemic, there has been a surge in the number of ransomware attacks exploiting Microsoft Exchange Server vulnerabilities.
A nine per cent monthly increase in ransomware attacks has been noted this year amounting to a total of 50,000 attacks globally. India is third on the list of the most affected countries by ransomware attack attempts at seven per cent following the United States (12 per cent) and Israel (eight per cent) respectively.
The report says that in the last six months there has been an increase of 57 per cent in the number of organisations affected by these attacks. These attacks involve human-operated ransomware, including Maze and Ryuk. Using these ransomware, cybercriminals negotiate the terms with the victim organisations.
Cybersecurity and Infrastructure Security Agency (CISA) recently alerted the organisations against the ransomware attacks exploiting Microsoft Exchange severe vulnerabilities. The report says that the number of these attacks tripled last week. CPR says that the most affected sector by WannaCry ransomware is government/military (18 per cent) followed by manufacturing (11 per cent), finance/banking (eight per cent), healthcare (six per cent) and others.
The WannaCry ransomware has surfaced on this scale after making its debut four years ago. The reason behind the resurfacing is unclear so far. However, a 53 per cent increase has been recorded in the organisations affected by it since the start of 2021. This number is 40 times when compared to the numbers in October 2020.
CPR says that it still uses EternalBlue exploit to target organisations for which security patches have been available for four years. The cybersecurity company also points out why there is a need to update their systems as soon as the fixes are available to save themselves from getting exposed to attacks.