Ransomware continues to dominate the cybersecurity landscape in 2017, with businesses large and small paying millions of dollars to unlock encrypted files. These attacks appeared in 64% of all malicious emails sent in Q3, and with major successful campaigns such as NotPetya and WannaCry, show no signs of slowing down, according to a new report from security firm Webroot, released Tuesday.
“This past year was unlike anything we’ve ever seen,” David Dufour, vice president of engineering and cybersecurity at Webroot, said in a press release. “Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods. This list is further evidence that cybercriminals will continue to exploit the same vulnerabilities in increasingly malicious ways. Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cybersecurity standards to protect themselves.”
Here are the top 10 worst ransomware attacks of 2017 so far, according to Webroot:
1. NotPetyaNotPetya started as a fake Ukranian tax software update, and went on to infect hundreds of thousands of computers in more than 100 countries over the course of just a few days. This ransomware is a variant of Petya, but uses the same exploit behind WannaCry. It hit a number of firms in the US and caused major financial damage: For example, the attack cost pharmaceutical giant Merck more than $300 million in Q3 alone, and is on track to hit that amount again in Q4.