Researchers Claim That Weak Passwords Were to Blame for 30% of Ransomware Infections in 2019
Cybercriminals need to be flexible and adaptable if they are to run a successful operation. Crooks never sit still and are constantly changing their tactics not only to stay one step ahead of law enforcement agencies and the infosec industry but also to ensure that their attacks are as destructive and as profitable as possible. This is precisely why, over the last couple of years, we've seen ransomware operators shifting their focus away from home users and moving it toward large organizations. The reason for this is trivial.
End users became more aware of the ransomware threat, and the number of people who take regular backups of their important files grew. As a result, fewer victims were willing to pay the ransom. At the same time, the crooks realized that if they successfully hit a big organization, they can cause absolute havoc and can then demand an exorbitant fee to end it. It's difficult to say how successful this strategy has been, but massive ransomware infections such as the one that crippled the Travelex currency exchange suggest that the ransomware operators are happy with what they're doing.
It looks like the primary targets aren't the only thing that has changed, though.
Weak passwords are the third most common cause of ransomware infections
Security website PreciseSecurity.com recently shared some research results according to which a weak password was at the bottom of one in every three ransomware infections in 2019. There aren't many details around the methodology used during the survey, but according to the graphics, poor access and password management ranks third on the list of the most common causes of ransomware attacks after spam emails and insufficient cybersecurity training. This is an interesting development.
Back in the days of ransomware catered to the home user, prolific threats like Locky were spread around almost exclusively with the help of malicious email attachments. Macro-laced Word documents and files with double extensions were a hit back then, and the statistics prove that users were willingly taking the proverbial bait. As you can see, spam is still the most widely used infection vector, but the crooks are clearly willing to try other distribution methods.
It looks like we'll never learn
Should we really be surprised that cybercriminals are exploiting weak passwords to infect people and organizations with ransomware? Yes and no.
On the one hand, the results aren't shocking at all. Cybercriminals will always take the path of least resistance, and it must be said that in certain areas, we have managed to make their lives a little bit harder. In the same way that end users have taught themselves to keep backups of their files, people, both at home and in the office, have realized how dangerous opening random attachments could be. Email security technology has also progressed, which means that the successful infection rate with malicious attachments could never be as high as it once was. Meanwhile, when it comes to passwords, the situation hasn't changed much. This is not only surprising but immensely saddening as well.
PreciseSecurity.com quoted multiple studies that highlight people's appalling password hygiene, and there are plenty more surveys dedicated to the problem. Over the years, weak and reused passwords have been accountable for many major cybersecurity incidents, including a few ransomware outbreaks, and yet, the figures in the new research papers show pretty definitively that people are not learning their lesson. The fact that crooks continue to break in using weak passwords shows that the users haven't acquired the habit of protecting their accounts with two-factor authentication, either.
The humble password is the bane of modern-day cybersecurity specialists. For years, experts have typed their fingers to the bone trying to help users manage their accounts more securely, but most of their advice seems to have fallen on deaf ears. Using secure passwords without the help of additional tools is pretty much impossible, but despite the availability of numerous password management applications, people simply aren't willing to adopt them. We can only hope that one day, this will finally change because when it does, the crooks will need to find another way of flinging their malware around. And hopefully, this will be easier said than done.