As the virus has spread, the number of successful ransomware attacks against specific sectors has declined.
What Different Does it Make?
In 2019 there were 966 government agencies, educational institutes, and healthcare providers in the US, which were attacked by ransomware. In 2020 the number of ransomware attacks is the same or worse.
The difference lies in the comparison of ransomware attacks statistics during the first quarter of the year. The organizations which were attacked by the ransomware were only 89 during the first quarter of 2020. It is one of the lowest numbers of attacks to be reported in several years.
A breakdown of the results shows that there were 38 government agencies, 26 educational institutes, and 25 healthcare providers who were hit by cyber threats in the first quarter. In the second quarter, only three government agencies, two educational facilities, and two healthcare providers were victims of the ransomware.
Now, the real questions arise:
Why has the overall number of ransomware campaigns remained the same?
Why only three of the sectors mentioned above are not the target anymore?
First, during the COVID-19 pandemic, many healthcare services, government agencies, and education institutes have canceled or eliminated their non-essential services. The elimination of services has left hackers with a minimal area for ransomware attacks.
Second, the people who are working from home can be the new targets, and this also represents new challenges for ransomware attackers. These criminal groups have limitations in their resources and personnel and cannot modify their operations as quickly as they want.
Third, due to coronavirus pandemic, many organizations are suffering from a financial crisis. Many of these organizations cannot afford to pay a massive amount of money to the hackers as ransom. Thus, the ransomware attackers find no use in targeting low-profiting organizations. In a recent post, The Maze ransomware group said: "We are living in the same economic reality as you are. That's why we prefer to work under the arrangements, and we are ready for compromise."
Work from home forces is at a much higher risk of ransomware attackers than essential organizations. It is important to remember that hackers are not sparing healthcare service providers, educational institutes, and government agencies out of mere sympathy. Hackers are facing similar economic and resource restraints like everyone else as they continue to find new targets meanwhile.