Ransomware attacks drop for the first time since 2018

In an increasingly digital world, we have to deal more with different cyber threats. One of the most on the rise right now is ransomware attacks. When an attack of this type occurs, our files will be encrypted and we will lose access. If we want to recover them, we will have to pay a ransom that is normally paid in cryptocurrencies to leave as little trace as possible. Today it is a serious problem and affects both individuals and companies of all sizes. In this article, we are going to see how ransomware attacks are declining for the first time since 2018.

The threat report

In a report of Positive Technologies have analyzed the cybersecurity threat situation for the third quarter of 2021. Among their findings, they have found a decrease in the number of unique cyberattacks. However, it should be noted that there has been an increase in the number of attacks against people and attacks using remote access malware have also increased.

It should also be noted that the number of attacks in the third quarter decreased by 4.8% compared to the previous quarter. In that respect it is first time That observes a negative trend since the end of 2018. Researchers believe that one of the main reasons for this variation is the decline in ransomware attacks and the fact that some major groups have temporarily left the cybercrime scene. Thus, due to this it has been possible to observe that the proportion of attacks aimed at compromising business computers, servers and network equipment has been reduced from 87% to 75%.

Ransomware attacks are down

The peak of ransomware attacks was in April 2021 when 120 attacks were recorded. He also added that in September 2021 there were 45 attacks63% less than in the maximum of April because several of the big ransomware gangs stopped their operations and governments started paying more attention to the problem due to high-profile attacks. With this we have seen that ransomware attacks are reduced.

Researchers have discovered a different trend regarding the Ransomware as a Service (RaaS) approach. In case you don’t know, we find ourselves with a type of service not very different from SaaS (software as a service), with the difference that instead of offering us legitimate programs to work with, what they do is offer us malware kits with the that we can make our ransomware attack.

They also predicted that one of the possible changes regarding ransomware would be that the groups would stop using the RaaS model in its current way. He also says that in the third quarter it has become safer for ransomware operators to hire people to distribute malware as permanent employees for these reasons:

  • It will be safer to work this way for both parties.
  • More organized and efficient forms of cooperation can be created.


This research also found that the proportion of malware attacks on businesses dropped by 22%. However, the interest of cybercriminals in the data increased the use of remote access Trojans. Thus, we could see how it increased from 17 to 36% in companies, while in those referring to people, these remote control Trojans represented more than 50% of all the malware used. In this regard, we can say that during the third quarter remote access Trojan attacks increased 2.5 times compared to the first quarter.

It is also worth noting the 5% increase in attacks carried out by an APT group. Thus, many phishing and intelligence campaigns aimed at government workers, industrial companies and employees of the media could be seen. In addition, it is also worth noting that social engineering attacks against people increased from 67% to 83%. In addition, cybercriminals are increasingly carrying out more sophisticated attacks, such as having you call fraudulent call centers. Finally, we have seen how ransomware attacks have decreased but attacks against people such as social engineering have increased instead.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *