Kaspersky’s top six tips to avoid ransomware attacks

According to Kaspersky’s latest report, attacks on high-profile victims have frown nearly eightfold from 2019 to 2020, placing us in the era of targeted ransomware. The cybersecurity provider shares its findings.

From 2019 to 2020, the number of Kaspersky users encountering targeted ransomware—malware used to extort money from high-profile targets, such as corporations, government agencies, and municipal organisations—increased 767%. This increase in targeted ransomware occurred alongside a 29% decrease in the overall number of users affected by any ransomware, with WannaCry still the most frequently encountered family. These are among the most important findings in Kaspersky’s recent report on the ransomware landscape from 2019-2020.

When attackers encrypt private information and hold it to ransom, the ransomware threat became mainstream news in the 2010s following large-scale outbreaks, such as WannaCry and Cryptolocker. They targeted tens of thousands of users and often requested relatively small amounts from victims to have their files returned. Over the years, these campaigns have been on the decline. In fact, from 2019 to 2020, the total number of users that encountered ransomware across all platforms declined from 1,537,465 to 1,091,454—a decrease of 29%. However, alongside this decline, there has been a rise in targeted ransomware.

Targeted ransomware attacks—attacks against a chosen victim to extort money—are often aimed at high-profile targets, such as corporations, government and municipal agencies, and healthcare organisations. The attacks involve significantly more sophistication (network compromise, reconnaissance and persistence, or lateral movement) and a much larger payout. From 2019 to 2020, the number of users encountering targeted ransomware increased by around 767%.

The number of unique Kaspersky users affected by targeted ransomware, 2019-2020

During this time, some of the most prolific targeted ransomware families were Maze, the infamous group involved in several loud incidents, and RagnarLocker, also covered in the news. Both of these families began the trend of exfiltration of data and encrypting it, and threatening to make the confidential information public if the victims refused to pay. WastedLocker also made front-page headlines with similar incidents. In many cases, the malware is specifically designed to infect each target.

Despite the rise in targeted ransomware, the ransomware family most frequently encountered by users is still WannaCry, the ransomware Trojan that first appeared in 2017 and led to damages of at least US$4bn across 150 countries. 22% of the users that encountered ransomware in 2019 encountered WannaCry; this decreased to 16% in 2020.

“The ransomware landscape has fundamentally changed since it first became big news in the security community. We’ll most likely see fewer and fewer widespread campaigns targeting everyday users. Of course, that’s not to say users aren’t still vulnerable. However, the primary focus will likely continue to be on companies and large organizations, which means ransomware attacks will continue to become more sophisticated and more destructive. Businesses must adopt a holistic, comprehensive set of security practices to protect their data,” comments Fedor Sinitsyn, a security expert at Kaspersky.

Read more about the ransomware landscape on Securelist here.

READ MORE: 

To protect your company from ransomware, Kaspersky experts recommend that you:

  1. Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities.
  2. Focus your defence strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminal connections.
  3. Back up data regularly. Make sure you can quickly access it in an emergency when needed.
  4. Carry out a cybersecurity audit of your networks and remediate any weaknesses discovered in the perimeter or inside the network.
  5. Explain to all employees that ransomware can easily target them through a phishing email, a shady website or cracked software downloaded from unofficial sources. Ensure staff remain vigilant at all times and check their knowledge with tests.
  6. Along with proper endpoint protection, dedicated services can help against high-profile ransomware attacks. Kaspersky Managed Detection and Response proactively hunt for attacks and help to prevent them in the early stages, before attackers reach their final goals.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...

The need to clean data for effective insight

David Sheldrake • 05th March 2025

There is more data today than ever before. In fact, the total amount of data created, captured, copied, and consumed globally has now reached an incredible 149 zettabytes. The growth of the big mountain is not expected to slow down, either, with it expected to reach almost 400 zettabytes within the next three years. Whilst...

What can be done to democratize VDI?

Dennis Damen • 05th March 2025

Virtual Desktop Infrastructure (VDI) offers businesses enhanced security, scalability, and compliance, yet it remains a niche technology. One of the biggest barriers to widespread adoption is a severe talent gap. Many IT professionals lack hands-on VDI experience, as their careers begin with physical machines and increasingly shift toward cloud-based services. This shortage has created a...

Tech and Business Outlook: US Confident, European Sentiment Mixed

Viva Technology • 11th February 2025

The VivaTech Confidence Barometer, now in its second edition, reveals strong confidence among tech executives regarding the impact of emerging technologies on business competitiveness, particularly AI, which is expected to have the most significant impact in the near future. Surveying tech leaders from Europe and North America, 81% recognize their companies as competitive internationally, with...