Ransomware and phishing attacks soar during pandemic, finds Beazley

Ransomware attacks were up by a quarter in the first three months of 2020, according to the Beazley Breach Response (BBR).

BBR said the number of incidents involving ransomware reported to its service had increased by 25 percent compared to the last three months in 2019. It said that while “no industry was immune”, manufacturing showed “the steepest increase” with reported attacks up 156 percent in Q1 2020 compared with Q4 2019.

During Q1, BBR saw a particular spike in ransomware incidents at service providers for banks and credit unions as well as for healthcare organisations, which led to multiple reports.

As ransomware attacks grew, email attacks dropped by 16 percent in Q1 2020 from the quarter before, but BBR emphasised that it remains a problem.

It said that financial services, healthcare and retail sectors reported fewer compromised email incidents than in Q4 2019 “this may prove to be a temporary reprieve tied to behavioral changes amid the response to COVID-19”.

“Employees first adjusting to working from home may have been less responsive to emails generally, and organisations may have been more focused on quickly ramping up remote working capacity than on identifying and reporting email incidents.”

Moving in the second quarter of 2020, BBR saw cyber criminals making greater use of the opportunities presented by the pandemic.

Analysts warned: “We are likely to see more employees falling victim as attacks accelerate. Research from security awareness training experts KnowBe4 reveals that COVID-19-related scams ranging from social media posts, smishing (text message phishing) and, above all, email phishing have skyrocketed during this time.

“During the pandemic, attackers are taking advantage of the fact that many employees have been working from home, without the technical protections that their corporate networks often provide.”

Remote working means employees are having to use personal computers “without the advantage of managed endpoint protection or even regular patching schedules that are also managed by the typical IT team”. BBR added that many organisational policies are “not designed to function in these distributed environments, leaving them less protected against wire transfer fraud and similar attacks”.