Ransomware detection jumps by 365%

Whilst business detections of ransomware have been soaring, consumer detections of ransomware have declined, reports reveal.

In Malwarebytes’ new study, “Cybercrime techniques and tactics (CTNT): Ransomware retrospective”, consumer detections of ransomware has decreased 25% quarter over quarter, whilst business detections of ransomware has jumped significantly.

The report explains that this is due to cyber-criminals looking for higher returns on their investments; attackers can gain a vast amount of money from ransoming organisations over individuals. 

“Encrypting sensitive proprietary data on any number of endpoints allows cybercriminals to put forth much larger ransom demands while gaining an exponentially higher chance of getting paid,” the report wrote. 

The frequency of attacks targeting cities and municipalities, like those experienced in Florida, Baltimore and Georgia, have increased in frequency. Ryuk and RobinHood ransomware families are mostly to blame for the disruption.

Ryuk and Phobos are two ransomware families that have caused the most trouble when it comes to businesses. The report also noted that GandCrab and Rapid business detections both increased, with Rapid increasing by 319%. Business detections of GandCrab slowing down by 5% in Q2 2019 over Q1. 

In regards to consumer detections of ransomware, Rapid saw the largest decrease quarter over quarter (57%), with a year over year decline of 30%.

Troldesh was the only ransomware family that saw any kind of increase. Troldesh rose by 162% over the same period in 2018. 

Nearly half of all ransomware detections in the last year occurred in North America, the Middle East, Africa and Europe, whilst Latin American yielded 10% and Asia Pacific 7%. 

Adam Kujawa, director of Malwarebytes Labs said:

“This year we have noticed ransomware making more headlines than ever before as a resurgence in ransomware turned its sights to large, ill-prepared public and private organizations with easy to exploit vulnerabilities such as cities, non-profits and educational institutions.

“Our critical infrastructure needs to adapt and arm against these threats as they continue to be targets of cyber-criminals, causing great distress to all the people who depend on public services and trust these entities to protect their personal information.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.