2020 will go down in history for all the wrong reasons partly because of the mayhem created by attackers using Covid-19 as a theme to target individuals and businesses of all sizes. In its latest quarterly threat report, Seqrite has detected a 2X surge in ransomware attacks during the April-May-June quarter, standing at 4 lakhs, in comparison with the first quarter of 2020. While Maze continued to be a top threat for enterprises, other notable ransomware attacks detected in the quarter include Ryuk, Mailto aka Netwalker, HorseDeal & Gigabyte, RagnarLocker, PonyFinal and Tycoon.
Researchers at Seqrite have observed a visible shift in the behavior of threat actors with ransomware families using a two-pronged approach to target enterprises. In addition to Maze, multiple ransomware families are now capable of stealing sensitive data in addition to holding the victim’s network for a ransom. This makes modern ransomware attacks even more dangerous with threat actors threatening to leak the stolen data if they are not paid. Organisations in sectors like BFSI, Manufacturing, IT/ITES and Government are likely to be the primary target due to the sheer amount of sensitive data they store.
Seqrite’s industry-leading GoDeep.AI platform played a pivotal role in mitigating these threats. The platform leverages a combination of Signature-less and Signature-based detections, which are backed by patented technologies to proactively detect and block known and unknown ransomware attacks. The patented technologies includes Seqrite’s flagship Anti-Ransomware technology that leverages advanced algorithms to conduct focused activity-based detection while also empowering enterprises to recover critical data in case of a breach.
Speaking on the latest quarterly threat report, Sanjay Katkar, Joint Managing Director and CTO – Quick Heal Technologies, said, “Ransomware attacks have always been a concern for enterprises. But what makes them more dangerous is their innovative and evolving nature. While previously, threat actors used to block sensitive data and ask for a ransom in return, now they have evolved and become much smarter than ever. Apart from demanding ransom from the victim, these evolved threat actors steal the encrypted data and sell it in the open market to make dual income sources. Through this report, we aim to spread maximum awareness around the innovative and rapidly evolving nature of ransomware and help businesses combat this situation.”