Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual infrastructure, according to Positive Technologies‘ Cybersecurity Threatscape Q1 2021 research report.

According to the research, the number of attacks increased by 17% compared to Q1 2020, with 77% being targeted attacks, and incidents with individuals accounting for 12% of the total. Cybercriminals attacked government institutions, industrial companies, scientific organizations, and educational institutions the most. Their main targets are personal data and credentials, and attacks on organizations are also aimed at stealing commercial secrets.

The research shows that ransomware remains the most common malware. Its share, among other malware used in attacks on organizations, increased by seven percentage points compared to Q4 2020, now accounting for 63% of all malware. The report also finds Q1 saw several new pieces of ransomware emerge — for example, Cring, Humble, and Vovalex. And WannaCry is reported to be running rampant again, which made a name for itself in 2017.

The report also finds the ransom amounts demanded by ransomware operators continue to grow, and due to the fact that some companies refuse to pay, attackers come up with new extortion tactics – for example, they threaten to report the attack and data theft to a victim’s customers, expecting that the customers will persuade the company to pay a ransom to prevent the disclosure of their personal data.

More and more cybercriminals are developing malware to conduct attacks on virtualization environments, and some are aggressively trying to exploit vulnerabilities already found in software for deploying virtual infrastructure. The experts link this primarily to the global process of moving corporate IT infrastructure into a virtual environment.