Ransomware Attacks Climb in 2016

(December 14, 2016) Ransomware attacks continued to accelerate in 2016, both in terms of attacks and the variety of programs, a new report says.

kaspersky-security-bulletin-2016

From January to the end of September, attacks on businesses increased threefold from one every 2 minutes to one every 40 seconds. For individuals, attacks increased to one every 10 seconds from one every 20 seconds, the Kaspersky Security Bulletin 2016 reported.

Ransomware either encrypts the victim’s data or blocks data on devices and demands money in return for a key to unencrypt or unblock the data.

One in every five businesses worldwide suffered an IT security incident as a result of a ransomware attack. Twenty percent of the cases were caused by employee carelessness or lack of awareness. The report noted:

  • 42% of small and medium-sized businesses were hit by ransomware in the last 12 months.
  • 32% paid the ransom.
  • One in five never got their files back, even after paying.
  • 67% of those affected by ransomware lost part or all of their corporate data—and one in four spent several weeks trying to restore access.

“New approaches to ransomware attacks that were seen for the first time in 2016 included disk encryption, where attackers block access to, or encrypt, all the files at once.” In addition, some ransomware programs determine if the infected computer belongs to financial services. If it does, then rather than encrypting the data, the malware downloads a piece of spyware to steal money, Kaspersky said.

For criminals who lack computing skill, ransomware creators are offering ransomware-as-a-service. The RaaS offers the malware for a small initial usage fee and then a commission based on paid ransoms. To protect against ransomware, the report recommends:

  • Back up data regularly.
  • Use reliable security solutions.
  • Treat email attachments or messages from people you don’t know with caution. If in doubt, don’t open it.
  • If your system becomes infected, don’t panic. Decryption tools may be available.
  • Report the incident to law enforcement.

Kaspersky Lab is an international cybersecurity and anti-virus provider.