Ransomware continued to cause EMEA organizations most problems last year, accounting for over a quarter (29%) of malware detections compared to the global figure of just 7%, according to NTT Security.
The managed security services giant analyzed the wealth of data from its monitoring, management and incident response operations across the globe to compile its annual Global Threat Intelligence Report for 2018.
It found that while ransomware was the number one threat in EMEA, spyware and keyloggers comprised just 3% of total malware detections, despite making up 26% of the global figure.
NTT Security Global Threat Intelligence Center senior manager, John Heimerl, explained that a lot of the activity in EMEA has been fueled by headline-grabbing incidents such as WannaCry and NotPetya, which struck entire industries and “were designed to deliver maximum impact and cause huge disruption.”
“This suggests that attack campaigns in EMEA have been focusing more on quick wins which ransomware can deliver, rather than long-term access other attack vectors can provide,” he added.
However, on the plus side, the GTIR revealed that while the volume of global ransomware is rising, incident response engagement fell from over 22% of incidents in 2016 to just over 5% in 2017. That indicates that organizations are improving their detection and response.
“It’s clear that organisations are prioritizing incident response much more than they have done in the past, at least when it comes to ransomware. Our 2017 Risk:Value Report showed that nearly half of all respondents indicated they have an incident response plan in place, with another third working on their plans,” Heimerl continued.
“However, just because organizations are getting better at managing some incidents, they cannot afford to be lulled into a false sense of security.”
In fact, ransomware as a money-making scheme is increasingly being eschewed in favor of cryptojacking, according to several recent reports.
Cryptojacking attacks soared by 8500% in 2017 thanks to the growing value of digital currency, according to Symantec.
Cisco claimed earlier this year that cyber-criminals could make in excess of $100m per year through crypto-mining botnets.