By Anthony O’Mara, VP Sales EMEA, Malwarebytes
The worrying trend over the last 18 months in the world of malware has been twofold: an increase in ransomware as a threat and significant evidence that the number of perpetrators of this kind of malware is increasing.
It’s no surprise that ransomware is on the increase. Requiring less effort and expertise to run and resulting in faster pay-outs in the form of a ransom, the process is often entirely automated and can result in huge returns. Malwarebytes (in collaboration with Osterman Research) produced a series of statistics to underline just why ransomware is so popular:
- 40% of organisations contacted had been impacted by ransomware within the previous 12 months (up to August 2016).
- Of this 40%, 1/3 had lost revenue as a result of a ransomware attack and 20% had ceased operations.
- Two out of five organisations had gone on to pay the ransom despite being advised not to.
- Ransoms ranged from $1,000+ (60%), $20,000+ (20%) and $150,000+ (1%).
From January 2016 to November 2016, the number of ransomware attacks have doubled with the last quarter of 2016 yielding another 400 new variants of ransomware, mostly from a brand-new source; yet again, underlining the constant new entrants to the ransomware market as an opportunity for criminal groups.
Easy as pie
By far the most alarming news to come out of recent ransomware attacks is the lack of throughflow expertise. Quite simply, anyone can launch a ransomware attack, with zero knowledge of how malware works or how to distribute it. The dark web serves its purpose by offering Ransomware-as-a-Service (RaaS) effectively matching wannabe cybercriminals with those with the technical knowledge to deliver a ransomware product, fully customised and ready to go – all for the cost of a few hundred dollars in bitcoins.
With the right appetite and an experienced developer, there is no limit to how easily anyone can launch their own cyberattack. What’s more, the traditional targets of ransomware are being left behind as creative criminals expand into the IoT with specific devices being held to ransom or networks of devices. An Austrian hotel was recently held to ransom as its key card entry system was targeted rendering all the guests of the hotel unable to access their hotel rooms.
The advice for ransomware remains the same; don’t pay the ransom. Thought it is tempting to imagine that this is the cheapest and easiest way to regain control, there is no guarantee that your files can and will be decrypted; moreover, paying ransoms only exacerbates the current landscape. A combination of robust IT security, vigilance and a good back up regime should limit the risk of falling foul of a ransomware attack and improve your chances of recovery should you happen to become a victim.