If you’ve been keeping tabs on the cybersecurity world, you’ll know that viruses and malware have evolved from simply destroying data into making its authors a profit. From ransomware locking down computers for a fee to cryptojackers using others’ processing power to line their own pockets, malware has become a lucrative business. Over the years we’ve seen malware developers shift towards these profitable ventures in order to make some extra money.
In the early phase of this movement, malware developers didn’t really care who they hit. The idea of “quantity over quality” was key, hitting as many people as possible in the hopes that a handful will pay out. It became apparent over time, however, that hitting bigger targets usually ended up with better payouts. As time goes on, we’ve seen these attacks shift toward attacking businesses over the general public.
Where’s the Proof?
The numbers come from Malwarebyte’s own 2019 State of Malware report. To quote from their “Top 10 takeaways” from the report:
Businesses take a hit
Malware authors pivoted in the second half of 2018 to target organizations over consumers, recognizing that the bigger payoff was in making victims out of businesses instead of individuals. Overall business detections of malware rose significantly over the last year – 79 percent to be exact – and primarily due to the increase in backdoors, miners, spyware, and information stealers.
This is an incredible rise of attacks in the space of a year. Unfortunately, attacks on the public didn’t decrease as drastically — the report mentions a 3% total loss — but the clear shift of focus here is important for the future of cybersecurity and identifying who’s at the biggest risk of being attacked.
The more obvious reason malware authors are targeting businesses over the public the potential payout. Businesses as a collective have more money in the bank than an average family. Because of this, malware distributors can increase their asking rate when making a hit and get paid even more.
It’s also good to remember how sensitive a business’ data is compared to someone’s personal computer. Sensitive data can be big money if a hacker steals it and sells it to the right market. Hackers can also lock the files behind a ransomware attack, forcing the user to pay to unlock them again. Businesses are more likely to have crucial files worth stealing or locked away than the general public, thus making them a prime target.
Ransomware does more than just lock away files – it also makes the computer inoperable until the computer is restored. If a member of the public has their PC locked away, they’re not really losing out on anything while their computer is under siege. A business, however, could be losing vital trading time and losing thousands, if not millions of potential revenue while their computers are out of use. This makes them much more likely to pay the ransomware’s demand.
Why Should We Care?
So if we don’t own a business, why should we care that businesses are being targeted? Surely, if anything, this means that we have to worry less about malware.
While it’s true that attacks on the general public went down a little bit, it does mean that anyone working with an internet-connected company should take care. Malware authors sometimes target employees to trick them into downloading an infected file, making people within the company a potential target for a cyberattack. As such, you should be extra vigilant at work to keep hackers from taking advantage of your position!
Always double-check the correspondence you receive to ensure it’s coming from a legitimate source. There have been recent attacks where hackers pose as employees to trick actual employees to grant them access to the company’s computers, so be sure not to download or click on anything unless you’re absolutely certain you know what it is and who it’s from. Also, be sure to keep your login details safe and away from prying eyes, as they provide a free pass for someone who wants to access the company’s data.
In Good Company
With malware becoming big money, hackers are now redirecting their focus from the general public to businesses. As a result, employees should be vigilant with their cybersecurity to stop malware from stealing data and locking down computers.
Do you think hackers will focus more on companies in the future? Let us know below.