The worldwide ransomware epidemic broke out several years ago, and it does not look like it about to stop any time soon. The reports on ransomware attacks keep on growing, and this time we would like to give you a concise summary of the ransomware attacks from last year, based on the reports by various news outlets.
While most of the news outlets suggest that small first are the main targets of ransomware attacks, there is always a chance that individual users could be affected by this, as well. Therefore, you have to take up all the measures necessary to protect yourself from such intruders.
What Do the Numbers Say?
The most quoted study released in the annual Verizon data breach investigations report says that ransomware made up almost 40% of all successful malware attacks in 2017. This suggests that the number of successful ransomware infection campaigns have doubled since 2016. This number has grown not just because the criminals have been displaying high levels of ingenuity, but also because the range of the potential targets has grown as well. Normally, we would expect ransomware infections to affect individual PCs, but nowadays these programs can also be found on databases, too.
Phishing Emails
When we talk about ransomware infections, we always tend to emphasize that the most common ransomware distribution method is spam emails. It is the cheapest way to spread your content, and the reports support that claim. It says that 96% of the ransomware attacks come from emails, and employees from small companies (that often happen to fall victims to these infections) tend to succumb to social engineering attacks. Although here we would like to emphasize that the majority of people who get exposed to phishing attacks do not fall for them.
The overwhelming majority of 78% of people who went through a phishing attack test last year did not fall for it. Nevertheless, the test results showed that at least 4% of the participants did click a link or download a malicious file. The problem is that if cyber criminals target a corporation or a database, one single download is all they need to infect the entire system because usually corporate computers are connected to one network. Therefore, if one person downloads a file with a malicious payload and runs it, soon the infection can spread to other network computers, encrypting data and holding the entire system hostage.
Targeting Businesses
Perhaps it does not take a genius to understand why cyber criminals are trying to infect corporate computers with their ransomware programs. With the successful WannaCry and NotPetya outbreaks in 2017, hackers all around the world have noticed that is it a lot easier to extort money from firms rather than individual users. Individual users are less likely to gather the money for the ransom, and they are more likely to give up on the encrypted data.
However, businesses may not be in the position where they could afford to lose their data. Especially if they do not keep a data backup (although that is the basic thing that all firms should do), so it is only natural that hackers feel they can get more cash by infecting corporations and other firms. And the point is that as long as those firms are willing to pay the ransom, which is sometimes tens thousands of dollars in Bitcoin, the people behind ransomware are going to continue with their dark deeds. The sad part about this is that ransomware infections usually target smaller firms because they know smaller firms cannot invest in cyber-security, so they are more vulnerable to such attacks. To put it simply, they have done their homework, and they have done it good.
In Perspective with Other Infections
When we say that ransomware attacks have more than doubled over the last year, we believe that we should provide you with more data on the matter. It might seem that there have been thousands of ransomware incidents, but the security report says that there have been over seven hundred incidents in 2017. Perhaps it does not look like a very big number in retrospect, but we have to remember that ransomware infections are particularly devastating because they encrypt almost all user files, and the data does not go back to normal even if you remove the infection.
Another thing is that ransomware clearly is not the only type of malware that turns everybody’s cyber lives into hell. Other attacks that users have to deal with usually are the use of stolen identity credentials to access secure business networks. There are also phishing emails going around masquerading as notifications from reliable financial organizations (as a matter of fact, this could also be used for malware distribution!). Users may also encounter hackers who impersonate sales ages or senior staff members, trying to go through payment process to swindle you out of your money. So we can clearly see that business firms have a lot to be wary of.
The security report also mentioned the DDoS (or Distributed Denial of Service) attacks, but it is said that companies seldom become victims of such security breaches. It is far more likely that a DDoS could be performed against a certain website out of grudge or fun. As a matter of fact, grudge and fun do appear in the list of actor motives that influence people to engage in security breaches. However, the financial actor and espionage still remain the main reasons for malware attacks.
What Are the Security Measures?
For the most part, it is always emphasized that prevention is more important than treatment when it comes to ransomware. System IT administrators are urged to remain vigilant and keep as little data accessible to the employees of all levels, as possible. Also, backing up the important data or encrypting it would also prevent serious data loss in the case of a ransomware breach (or any other infection for that matter). Finally, employee education also plays an important role in preventing the further growth of the ransomware infections in 2018. So do all it takes to protect your system from harm.
References:
- ETech, Ransomware attacks double since 2017: Report. ET Tech
- ET Online. Ransomware attacks double since 2017, HR on hackers’ targets: Verizon Data Breach Report. The Economic Times.
- Jessica Lyons Hardcastle, Verizon Data Breach Report Finds Ransomware Double Since 2017. SDX Central.
- Alison DeNisco Rayome. Ransomware reigns supreme in 2018, as phishing attacks continue to trick employees. TechRepublic.
- Ms. Smith, Ransomware incidents double, threatening companies of all sizes. CSO Online.
- Ray Schultz, Ransomware Attacks Double This Year: Verizon. MediaPost.
- Technology, Ransomware tops malicious attack charts. BBC