During COVID-19, Ransomware Attacks Went Down

By Boris Dzhingarov

Emsisoft, a malware lab, published a report on April 21 and it showed the entire world that there is a big drop in how many ransomware attacks happened in the US public sector during 2020, quarter 1.

Only 89 organizations ended up being ransomware victims during the first quarter of this year. The COVID-19 crisis became more serious and successful attacks actually went down to levels that were “not seen in several years.”

Governmental organizations were less frequently attacked, with the number going down to 7 in March, from 19 seen in January. The exact same thing happened in education. In March, 2 successful attacks happened. In January there were 10 and in February there were 14. In Healthcare, January saw 10 ransomware attacks that were successful. In March, only 3 appeared.

This clear downward trend keeps going in quarter 2, 2020. Between April 1 and April 20, just 7 attacks were successful (reported).

Emsisoft detailed that this decrease is connected to the current coronavirus pandemic. Non-essential services are suspended all around the world. This made the attack vectors of organizations less visible and accessible. Although working from home actually has the huge potential of leading to more serious organizations for organizations and cybersecurity as a whole, this led to new challenges that hackers need to deal with right now.

Brett Callow, Emsisoft threat analyst, talked about these new challenges and said:

“When setting up their infrastructure to support working from home, organizations may have taken the opportunity to bolster security around remote access, which is something that attacks frequently exploit to gain access to corporate networks. Further, it’s very obvious to ransomware attackers that they’ve got a potentially valuable target when they hit a corporate endpoint. It may however be less obvious when they hit a personal device that an employee is using while working remotely, and which is only connected to corporate resources on an intermittent basis.”

Fabian Wosar, Emsisoft CTO, declared that the ransomware relief is most likely just temporary. He declared:

“Companies are hurting financially and many are reliant on government support programs for their survival. I fully expect that some of the companies hit by ransomware in the coming weeks will fail; attacks will be the straw that broke the camel’s back.”

Whether or not this will happen is something that remains to be seen. However, it is a certainty that, at least for now, ransomware attacks went down, which is great.