San Jose, Calif. (KTVU) - Destructive malware attacks against businesses grew by more than 200 percent in the first half of 2019, as compared to the second half of 2018, says a report published Monday by IBM's X-Force IRIS (Incident Response and Intelligence Services) team.
50 percent of those attacks were targeted against the manufacturing industry, other sectors significantly affected included oil & gas, and education, the report found. A majority of the destructive attacks hit organizations in Europe, the United States, and the Middle East, the report said.
"X-Force IRIS has been observing cybercriminals increasingly incorporate destructive components, such as wiper malware, into their attacks on commercial entities," the report says. A wiper malware, as the name suggests, wipes the data from any writeable storage component it finds on an infected computer. Wiper elements are common in ransomware, where the attacker threatens to delete the infected host's data unless a ransom is paid, usually in cryptocurrency.
The report highlights a 116 percent increase in ransomware attacks in the first half of 2019, when compared to the second half of 2018. The WannaCry attack in 2017 is perhaps most famous example of ransomware. Cybercriminals now resort to ransomware like LockerGoga and MegaCortex to infect enterprise networks, the report said.
On average, large multinational companies appear to incur costs around $239 million, per incident, 61 times greater than the cost of a typical data breach, the report found, with an average of 12,316 computers rendered unusable by the attack.
Attackers planned out destructive malware attack months after infecting a device, asset, or network, the report found. Infection vectors ranged from spear-phishing emails, credential compromise, watering-hole attacks, and compromise of third parties.