Ransomware Expected to Increase 150% This Year

Ransomware and fileless malware are both seeing large surges this year. According to the newly released Q2 2021 Internet Security Report from WatchGuard Technologies, in the first six months of 2021, ransomware attacks were already at nearly the total volume for all of the previous year and are on target to see a 150 percent increase by the end of the year. According to WatchGuard: "While total ransomware detections on the endpoint were on a downward trajectory from 2018 through 2020, that trend broke in the first half of 2021, as the six-month total finished just shy of the full-year total for 2020. If daily ransomware detections remain flat through the rest of 2021, this year’s volume will reach an increase of over 150 percent compared to 2020."

Fileless malware — malware originating from scripting engines, such as PowerShell — is increasing at an even greater pace and is on track to double 2020's total this year. AMSI.Disable.A is one such malware type that's on the rise. According to WatchGuard: "AMSI.Disable.A showed up in WatchGuard’s top malware section for the first time in Q1 and immediately shot up for this quarter, hitting the list at No. 2 overall by volume and snagging the No. 1 spot for overall encrypted threats. This malware family uses PowerShell tools to exploit various vulnerabilities in Windows. But what makes it especially interesting is its evasive technique. WatchGuard found that AMSI.Disable.A wields code capable of disabling the Antimalware Scan Interface (AMSI) in PowerShell, allowing it to bypass script security checks with its malware payload undetected."

Other findings from the report include:

  • A massive 91.5 percent of all malware arrived over encrypted connection. "Put simply, any organization that is not examining encrypted HTTPS traffic at the perimeter is missing 9/10 of all malware," according to WatchGuard.

  • Network attacks rose 22 percent in the quarter, reaching the highest level sine 2018. "Q1 saw nearly 4.1 million network attacks. In the quarter that followed, that number jumped by another million – charting an aggressive course that highlights the growing importance of maintaining perimeter security alongside user-focused protections."

  • Microsoft Office continues to be a popular attack vector. WatchGuard reported a new 2017 RCE vulnerability that debuted in the second quarter as the No. 1 network attack. "Though it may be an old exploit and patched in most systems (hopefully), those that have yet to patch are in for a rude awakening if an attacker is able to get to it before they do."

  • Aside from the 2017 RCE vulnerability, two other top-10 network attacks exploited old vulnerabilities, according to the report: a "2011 Oracle GlassFish Server vulnerability [and] a 2013 SQL injection flaw in medical records application OpenEMR…."

The report was based on "anonymized Firebox Feed data from active WatchGuard Fireboxes whose owners have opted to share data in direct support of the Threat Lab’s research efforts. In Q2, WatchGuard blocked a total of more than 16.6 million malware variants (438 per device) and nearly 5.2 million network threats (137 per device)."

The complete Q2 2021 Internet Security Report is available on Watchguard's site (registration required).

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • abstract smartphone translucent screen displaying AI interface

    Apple Introduces Redesigned Siri AI

    At its recent Worldwide Developers Conference, Apple introduced Siri AI, a redesigned version of its voice assistant that Apple describes in its own announcement as "a profoundly more capable and personal assistant." The update is intended to make Siri more conversational, more context-aware, and more useful across iPhone, iPad, Mac, Apple Watch, and Vision Pro.

  • blue wooden cubes block texture abstract background

    Gartner Estimates Worldwide IT Spending at $6.31T for 2026

    Gartner recently forecast that worldwide IT spending will total $6.31 trillion in 2026, a 13.5% increase from 2025. Sectors experiencing the largest growth include data center systems, software, and IT services.

  • people as silhouettes on a glowing network grid

    Human-Centered Workforce Development in an Age of Advanced Technology

    Marc Booker, vice provost of strategy at the University of Phoenix, examines how to recognize and promote human-centered workforce development in higher education.

  • Dana Brunson facilitates a roundtable discussion with research and higher education IT leaders

    Internet2: Closing the Access Gap for Research Cyberinfrastructure

    Internet2's Research Engagement Team brings CIOs and other campus technology leadership together with research computing and data facilitators, forming a community that enables research cyberinfrastructure at institutions of all types and sizes.