Sometime in July, cybersecurity company Check Point revealed that Israeli institutions are subjected to twice as many cyberattacks as counterpart organizations in other countries across the globe.
On average, one out of every sixty Israeli organizations or companies is attacked every week by threat actors leveraging on ransomware tools. It turns out that this frequency has increased by a 30 percent margin when compared to 2020 figures.
In particular, the firm’s report indicated that the Israeli health sector was the most affected by threat actors looking to breach critical government services – it is estimated that the country’s health sector sustains an average of 1,443 cyberattacks every week.
Similarly, the Check Point researchers revealed that other destinations across the world had their health and educational sectors accounting for the highest number of attacks. This was followed by government entities and security companies.
Separate new data published in the latest VirusTotal Ransomware Activity Report seems to mirror the research conducted by Check point researchers. The report revealed a cyber-extortion boom from the first half of 2021, the findings have shadowed cases in the past year.
In highlight, GandCrab ransomare family was the most active group in early 2020, before its prevalence ebbed significantly in the second half of the year.
Like the majority of ransomware types, the GandCrab ransomware-as-a-service product works by holding files on infected computers hostage until a ransom payment is made by victims.
As reported by Krebs on Security, GandCrab far outshone its competition by virtue of its operators ensuring that the malware was continuously kept updated to circumvent antivirus programs and other cybersecurity defences.
VirusTotal investigators noted GandCrab’s massive peak in Q1 2020 that has since changed in dynamic to take a more subtle magnitude in 2021. The ransomware gang ranked among ten other prolific threat groups that wreaked havoc across the world (See below).
Figure 1: Chart showing the Top 10 most active ransomware families since Q1 2020 (Source: VirusTotal)
In the course of their research, VirusTotal investigators identified at least 130 different ransomware families – the findings were contingent on a number of standard practices in the cybersecurity industry, including naming conventions.
Since last year, the cybersecurity experts collected study samples from more than 140 countries across the world with Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the UK being the most affected countries based on the number of sample submissions to VirusTotal.