Ransomware in the Wild: Statistical Overview

Ransomware is a continuously growing threat to individual computer users and organizations worldwide. It typically leverages an uncrackable combo of RSA and AES cryptosystems to deny the availability of one’s important files, subsequently demanding a fee for data recovery.

The ransoms range from $200 up to $10,000, depending on the malware family and the number of machines infected in the course of an attack. Having originally targeted PCs running Windows, ransom Trojans have lately come to hit Linux and Mac computers as well, along with mobile devices.

According to the FBI’s Internet Crime Report, ransomware is one of the three hottest issues in the present-day cyber threat landscape, along with business email compromise and email account hacks. The losses reported by 2,453 victims in the U.S. last year amounted to $1.6 million. Compared to the corresponding statistics for 2014, the victim count nearly doubled in 2015. The actual expenditures, however, were much more impressive and reached $24 million, considering the total costs incurred in mitigating the damage.

Computer users compromised by a single strain called CryptoWall from April 2014 to June 2015 lost $18 million, with 992 complaints filed by those attacked. That’s just a breakdown based on cataloged incidents in the United States alone, whereas the big picture is certainly much more terrifying.

Researchers from Kaspersky Lab conducted their own study and published a report on ransomware attacks that reflects the global state of things in this area. The company detected 2,900 new ransomware variants during the first quarter of 2016, a 14% increase compared to the fourth quarter of 2015. The prevalent ransomware families in Q1 2016 were TeslaCrypt, Locky, CTB-Locker, Petya, and CryptoWall. As per the 2014–2015 comparative annual breakdown, there has been a 48.3% spike in the quantity of identified ransomware samples.

A total of 753,684 users around the globe fell victim to ransom Trojans in 2015. The infected users spent $300 on average to recover their frozen data. The impact tends to get much more disastrous if the crypto threat hits an organization with a large IT infrastructure. For instance, a compromised hospital in Los Angeles ended up paying the attackers a Bitcoin equivalent of $17,000 in February 2016. Another noteworthy fact is that the cybercriminals behind the notorious CryptoLocker strain have been reportedly earning an astonishing $30 million in ransoms every 100 days since 2014.

Meanwhile, most companies are ill-prepared for the challenge stemming from ransomware. According to a survey of 200 attendees of RSA Conference 2016, only 38% of IT executives claimed they were very confident that their company could recover from a ransomware attack without losing critical data. Furthermore, 73% of the respondents believe critical infrastructure providers are more vulnerable to these compromises than other organizations.

While the ransomware menace persists and keeps evolving, end users and companies should maintain secure data backups, steer clear of suspicious links, regularly install software patches and use reliable anti-malware suites.

3 Comments

  1. This ransomware is one of the few ransomware families that is capable of spreading on its own. It drops a copy of itself in removable drives, making use of USBs a risky practice.
    The ransomware has several methods of being injected into a computer. Microsoft noted it can be distributed via spam emails, macro malware or through fake Flash Player installers. When it tries to spread through removable storage devices it “drops autorun.inf in removable drives, a zycrypt.lnk in the start-up folder: %User Startup%\zcrypt.lnk along with a copy of itself as {Drive}:\system.exe and %appdata%\zcrypt.exe, and changes the file attributes to hide itself from the user in file explorer,” the Microsoft report said.

    Once embedded and the files are encrypted, a ransom note appears demanding 1.2 bitcoins, around $500, for the decryption key. It gives the victim four days to comply and then boosts the payment to five bitcoins.

    Some of the useful steps to protect yourself are those that David had discussed with you.

  2. Do not click on zip attachments in email.
    Do not download free software from P2P sites.
    Do not click suspicious links in Skype or other IM.
    Always update your system and software.
    Make regular backups.
