Not only has the frequency of attacks skyrocketed, but attackers are shifting focus, targeting larger organizations and demanding higher ransom payments.
While attacks using ransomware as a service (RaaS) platforms remain commonplace, tending to hit unsuspecting small businesses, more sophisticated variants are being deployed through phishing emails and tricking users into activating banking Trojans.
Although banking Trojans are not new, having first hit BBR Services’ radar in 2015, they are increasingly problematic for businesses. Originally designed to steal banking credentials from users of online banking websites, recent variants of banking Trojans such as Emotet and Trickbot have been used by criminals to harvest all kinds of account details.
Katherine Keefe, head of Beazley Breach Response Services, said: “We have witnessed a considerable uptick in notifications of both ransomware and banking Trojans in the first few months of this year. Banking Trojans are particularly troublesome as they are often more difficult to eradicate from an infected IT system than other forms of malware. Not only are we receiving more notifications but they are often used by cyber criminals to install secondary viruses onto computer systems. This can cause businesses serious operational, financial and reputational damage if not identified and managed early enough. Regularly educating employees on what to look out for in emails and timely reporting to IT and BBR Services will help firms manage their cyber risk.”
For risk management advice and more information on banking Trojans, see the latest Beazley Breach Insights.
Scan here to download the app