Cybercriminals armed with ransomware technologies continued to ramp up their attacks in 2018, most notably those targeting large organizations, according to a report released today by cybersecurity technology provider Crowdstrike.
Reporting on observed changes in 2018 in its “eCrime” ecosystem, the firm said “the most notable trend within the year was the continued rise of ransomware operations targeting large organizations,” which it also referred to as “Big Game Hunting.” Several of the originating entities of the ransomware attacks, and providers of ransomware-as-a-service, also were observed undertaking “more professional” support for customers, and increasing development cycles, Crowdstrike said.
According to the report, the criminal entity dubbed Boss Spider by Crowdstrike cleared $3.1 million worth of ransomware payoffs in 2018 using the “SamSam” ransomware, up from $2.5 million in 2017 and $1.03 million in 2016 .
Those attacks tailed off sharply toward the end of the year, the report says, when the Department of Justice issued indictments of two Iranian nationals for their alleged role in several ransomware attacks on U.S.-based targets.
“Although 2018 lacked the high-profile ransomware and pseudo-ransomware incidents, like the WannaCry and NotPetya operations of 2017, CrowdStrike Intelligence attributed a number of disruptive incidents to state-sponsored targeted intrusion adversaries,” the firm said.