Emsisoft highlighted a considerable decline in the successful ransomware attacks in the US.
An April 21 report by malware lab Emsisoft showed that there was a significant drop in the number of successful ransomware attacks on the US public sector during Q1 2020.
The findings show a total of 89 organizations were victims of ransomware in the first quarter of the year. And as the COVID-19 crisis deepened, successful attacks fell even lower, to levels “not seen in several years.”
Government entities were attacked less frequently, with those numbers going down from 19 in January to just seven in March. The same was mostly true for education: ten successful attacks in January, 14 in February and 2 in March. Healthcare went from having 10 attacks in January to finishing the quarter with just three in March.
The downward trend is continuing into Q2. Only seven successful attacks have been logged between April 1 and April 20.
It’s all about the COVID-19 crisis
As Emsisoft details, such a decrease can be readily attributed to the COVID-19 pandemic. The suspension of non-essential services around the world readily reduces an organization’s attack vectors.
Even though working from home has the potential for employees to leave their organizations vulnerable in terms of cybersecurity, Emsisoft says this has “paradoxically” posed new challenges for hackers at the same time.
Speaking with Cointelegraph, Emsisoft threat analyst Brett Callow explained those challenges:
“When setting up their infrastructure to support working from home, organizations may have taken the opportunity to bolster security around remote access, which is something that attacks frequently exploit to gain access to corporate networks. Further, it’s very obvious to ransomware attackers that they’ve got a potentially valuable target when they hit a corporate endpoint. It may however be less obvious when they hit a personal device that an employee is using while working remotely, and which is only connected to corporate resources on an intermittent basis. “
Emsisoft clarifies that this ransomware relief is likely only “temporary.” The company’s CTO Fabian Wosar said:
“Companies are hurting financially and many are reliant on government support programs for their survival. I fully expect that some of the companies hit by ransomware in the coming weeks will fail; attacks will be the straw that broke the camel’s back.”