SentinelOne (an end point protection company) recently carried out the Freedom of Information (FOI) requests to universities, to establish if ransomware was a significant problem in academic institutions. 63% of British universities who responded to the FOI admit to being the target of a ransomware attack.

It was also reported that more than half i.e. 56% of the UK’s universities have been targeted in ransomware attacks in the past year, according to SentinelOne. One of the universities admitted that it had suffered a total of 21 separate attacks throughout the year.

Of all the universities contacted by SentinelOne, 13 refused to answer considering the potential repercussions of their response. The most interesting yet excruciating fact being 100% of the universities which responded to the survey, reported that they had suffered from an attack, in spite of using an Anti-Virus software.

None of the academic institutions confessed of meeting the demands from the cyber criminals. However, as per SentinelOne, “the value of the ransoms demanded to decrypt the data ranged between £77 and £2299 (5 bitcoins)”.

Public institutions seem to be the prime targets for increasing ransomware attacks. Earlier this year multiple institutions and universities across the world were also targeted. Few include the University of Calgary who admitted paying a $16,000 ransom and one of the well-known hospitals in the US, the Hollywood Presbyterian Medical Center admitted paying a $17,000 ransom to cyber attackers.

Suffering a ransomware attack despite the implementation of security solutions across infrastructure ratifies the maturity of security strategy and failure of security solutions to protect against such infectious threats. As per Jeremiah Grossman of SentinelOne, “The fact that 65% of those universities suffering an attack were the victim of repeated attacks, where no ransom was [allegedly] paid, may prompt us to question the motives of the adversary as more than purely financial.”

Last year in The Wall Street Journal Symantec mentioned, Anti-Virus solutions only detect about 45% of cyber attacks. This potentially raises concerns for defining the foolproof security stratagem across enterprises and institutions.

A recent report titled ‘State of Ransomware supported by Malwarebytes was released at Black Hat USA 2016, in which they conducted a study that surveyed 540 CIOs, CISOs and IT directors from corporations with an average of 5400 employees across the UK, US, Canada, and Germany.

As per helpnet security, the study found that approx. 40% of businesses have experienced a ransomware attack in the last year itself. Of these victims, more than a third lost revenue and 20% had to stop business completely.

Wildfire ransomware which earlier had hit victims, mostly located in the Netherlands and Belgium this year, now has a decryptor available. This ransomware had spread through phishing campaigns which encouraged users to fill in a form for receiving a missed package delivery. The decryptor was released by one of the projects, which is run by the Intel Security, Europol, the Dutch National Police and Kaspersky Lab called as No More Ransom project.

Wildfire ransomware was one of the most targeted campaigns wherein cyber criminals did adequate research on their targets with proper knowledge of real businesses and their exact locations in the Netherlands. As per SpamFighter.com, the cyber criminals also had specific domain names registered in Holland.

The above attack findings throw light on the growing ransomware threats and the fact that the attacks are getting more targeted and cyber criminals more persistent towards an attack.

Protection against Ransomware

To effectively reduce the risk of cyber-attacks and impede the momentum of ransomware attacks following proactive measures could protect your users, devices, and networks: