Share, , Google Plus, Pinterest,


Posted in:

Ransomware in the Wild: Statistical Overview

Ransomware is a continuously growing threat to individual computer users and organizations worldwide. It typically leverages an uncrackable combo of RSA and AES cryptosystems to deny the availability of one’s important files, subsequently demanding a fee for data recovery.

The ransoms range from $200 up to $10,000, depending on the malware family and the number of machines plagued in the course of an attack. Having originally targeted PCs running Windows, ransom Trojans have lately come to also hit Linux and Mac computers, as well as mobile devices.

According to the FBI’s Internet Crime Report, ransomware is one of the three hottest issues in the present-day cyber threat landscape, along with business email compromise and email account hacks. The losses reported by 2,453 victims in the U.S. last year amounted to $1.6 million. Compared to the corresponding statistics for 2014, the victim count nearly doubled in 2015. The actual expenditures, however, were much more impressive and reached $24 million, considering the total costs incurred in mitigating the damage.

Computer users compromised by a single strain called CryptoWall from April 2014 to June 2015 lost $18 million, with 992 complaints filed by those attacked. That’s just a breakdown based on cataloged incidents in the United States alone, whereas the big picture is certainly much more terrifying.

Researchers from Kaspersky Lab did their own research and came up with a report on ransomware assaults reflecting the global state of things on this arena. The company detected 2,900 new ransomware variants during the first quarter of 2016, which demonstrates a 14% increase compared to the fourth quarter of 2015. The prevalent ransomware families in Q1, 2016 were TeslaCrypt, Locky, CTB-Locker, Petya, and CryptoWall. As per the 2014 – 2015 comparative annual breakdown, there has been a 48.3% spike in the quantity of identified ransomware samples.

A total of 753,684 users around the globe fell victim to ransom Trojans in 2015. The infected users spent $300 on average to recover their frozen data. The impact tends to get much more disastrous if the crypto threat hits an organization with a large IT infrastructure. For instance, a compromised hospital in Los Angeles ended up paying the attackers a Bitcoin equivalent of $17,000 in February 2016. Another noteworthy fact is that the cybercriminals behind the notorious CryptoLocker strain have been reportedly earning an astonishing $30 million in ransoms every 100 days since 2014.

Meanwhile, most companies are ill-prepared for the challenge stemming from ransomware. According to a survey of 200 attendees of RSA Conference 2016, only 38% of IT executives claimed they were very confident that their company could recover from a ransomware attack without losing critical data. Furthermore, 73% of the respondents believe critical infrastructure providers are more vulnerable to these compromises than other organizations.

While the ransomware menace persists and keeps evolving, end users and companies should maintain secure data backups, steer clear of suspicious links, regularly install software patches and use reliable anti-malware suites.