COVID-19 – The Driver Behind Ransomware Attacks in 2020


Ransomware is a form of malware stealthily implanted on a victim’s device by an attacker with the intent of obtaining some valuable asset from the victim. Typically, the ransomware encrypts the user’s files or locks the user out of the device with a message showing how to contact the hacker or pay a ransom. Depending on the complexity of the algorithm with which the ransomware was designed, the malicious software can go as far as attacking network devices connected to the infected device.

The Growth of Ransomware Sophistication

Since the first ransomware attack in 1989, these malicious programs have grown in sophistication – attacking and taking ransom of high-value targets, including government networks, airports, hospitals, and so on. The advancement in cryptography, which goes hand in hand with encryption, has paved the way for this financially motivated cybercrime to thrive.

Cybercriminals can now develop sophisticated encryption technologies and receive payment via cryptocurrency, thereby making financial tracking a bit more complicated. According to Europol in 2018, ransomware rose over the last decade to become the most significant malware threat in the world.

COVID-19: An Opportunity for Ransomware Attacks

2020 will go down in history as a peculiar year, undoubtedly due to the outbreak of the novel COVID-19 virus, which changed the way we live. The pandemic affected lives, properties, and even the economies of nations. People had to start working and schooling from home to limit the spread of the disease. Aside from the relative convenience this might offer, it also allowed cybercriminals to strike.

Hospitals and remote workers were the worst hit by this wave of attacks. Hospitals, having the more critical task of managing the health crisis, paid little attention to their IT infrastructure, leading to infiltration. Remote workers, on the other hand, had to use networks that aren’t as secure as the ones in the workplace, which gave rise to an increase in ransomware attacks. Another factor that caused the surge in ransomware attacks during this period is the panic and chaos caused by the virus itself.

Ransomware Programs That Emerged During the COVID-19 Pandemic

The panic, which was mostly fueled by the reports of COVID-19’s infection rate and, ultimately, the lockdown, led users to lower their guard. Every application or website purporting to dispense information about the virus became attractive to everyone. Unfortunately, some of these platforms carry harmful content that users do not know of till they get infected.

One of the newest ransomware in this category, the “Vicious Panda” campaign, was targeted at the public sector in Mongolia. This malware exploited a vulnerability in Microsoft Office Word and, once on a system, grants the attacker remote access with which to perpetrate their attacks.

A mobile app purporting to be the official COVID-19 tracer application provided by Health Canada carried new ransomware called CryCryptor. This ransomware encrypts the user’s files and leaves a file through which the victim can reach out to the attacker to negotiate a release.

Fortunately, a decryption tool was soon developed for those who fell victim to the attack. Above all, ransomware software behaves the same way, and there are multiple ways to detect COVID-19-related ransomware attacks. The targets and manner in which these attacks are orchestrated speak volumes already.

Essential Ways to Stay Safe from Ransomware Attacks

Due to these many vulnerabilities, it is essential that both corporations and individuals take specific measures to stay safe from a ransomware attack. Discussed below are some of these measures:

  • Avoid Untrusted Emails and Websites: Emails and phishing websites have always been the primary source of attack over the years. Through social engineering and unsolicited mail, attackers can plant malicious programs that download and execute when an email or webpage is opened. To curb this, it is recommended that users ignore emails that have an unfamiliar subject line or that have gone to spam.
  • Employ the Use of Security Software: For corporations and individuals, it is always a good rule of thumb to have security software such as antimalware software, a firewall, and an encryption mechanism to scan for and remove any malware, prevent unauthorized network access, and encrypt files so they are useless to anyone who intercepts the data as it travels through the network.
  • Avoid Giving Out Personal Data: The malicious use of a person’s data has gone beyond the usual theft from a financial account. These days, details as small as the cache and cookies we allow on the websites we visit let our Internet activity be monitored. A person’s Internet activity can reveal much more about the person, and ultimately, it can be used to attack the person or gain access to an external network.

