What’s the Deal with Ransomware Today?

We last talked about ransomware a while back when 2016 was dubbed as the year of ransomware.  Since then, there have been conflicting reports over whether or not attacks of this nature are escalating.  Many organizations state (and quite convincingly) that it’s the most popular form of malware and that ransom-related attacks have intensified at a disconcerting rate over the past two years.

So have we seen a decline in 2018?  After two years of explosive growth, has ransomware finally been dethroned as the #1 payload used in malware campaigns?  And have cryptominers replaced it as the most prevalent type of malware we’ve seen this year?

Kaspersky believes it to be the case, citing that ransomware infections have fallen by 30% over the past 12 months while cryptominers infections have risen by 44.5% over the same time period.

Does that mean ransomware now holds second place?  Not quite from the perspective of Malwarebytes who reports that ransomware has dropped all the way down to the #6 spot, declining in popularity behind miners, banking trojans, adware, backdoors, and spyware.

A variety of factors have contributed to ransomware’s downward spiral, including overexposure and increased awareness (thanks in large part to WannaCry and other high-profile attacks), cryptocurrency volatility, and additional attention from law enforcement.  But perhaps the biggest reason is also the simplest – with the majority of victims declining to pay, the attacks simply became unprofitable.

All that being said, don’t be too quick to write ransomware off completely.

After months of being hailed as the new heir apparent, there are signs that the miner boom may already be stalling.  What’s it they say, 15 minutes of fame and then you’re done?