A recent report of Virus Total, Google’s malware scanning service company, found that 95 per cent of reported ransomware attacks in the 20 months to August 2021 have been targeted at Windows.
The distribution of ransomware samples submitted from different regions has been rather uneven with Israel, South Korea, Vietnam and China being the pack leaders. However, the number of detected attacks doesn’t necessarily correlate with the actual number of incidents that have taken place. The reason for this is that in some of the above-mentioned countries attack reporting is automated, while in others a high percentage of attacks go undetected – in a similar manner that countries with modest Covid testing programmes have given the false impression of being less infected than others on the other end of the spectrum.
The top strains of ransomware was Grandcrab for 2020 and Babuk with a spike in July 2021, while 93.28 per cent of ransomware detected were Windows executables abbreviated as .exe.file – so called because it contains an encoded sequence of instructions that the system can execute directly when the user clicks the file icon. Exe.file extensions can also be tell-tale signs of phishing scams when they come with a music, picture, or document file, which normally they would never do.
The reasons why Windows is so much in the crosshairs of cybercriminals are manyfold. Its high market share, global popularity and the value it can serve as a backdoor to undoubtedly play a role. But an equally important factor is that this operating system is not secure by design, and it’s more locked-down editions didn’t catch on among users. Chrome OS cloud-first platform, on the other hand, has had no reported ransomware attacks according to Virus Total, which, however impressive a feat it might be, also raises some conflict-of-interest concerns.
Virus Total receives a whopping two million suspicious files from 232 countries on an average day.