Cyber

Year of ransomware

by Mark Rowe

In 2017, more than a quarter, 26.2 per cent of business users were targeted by ransomware, compared to 22.6 per cent in 2016. This is due in part to three unprecedented attacks targeting corporate networks that changed forever the landscape for this increasingly virulent threat, according to a cyber-security product company.

Kaspersky Lab says that 2017 will be remembered as the year the ransomware threat suddenly and spectacularly evolved with advanced threat actors targeting businesses the world over with a series of destructive worm-powered attacks whose ultimate goal remains a mystery. Was the true purpose of the WannaCry attack ransomware gone wrong or a deliberate destructive attack disguised as ransomware? The attacks included WannaCry on May 12, ExPetr on June 27, and BadRabbit in late October. They all used exploits designed to compromise corporate networks. Businesses were also targeted by other ransomware and the company prevented ransomware infections on over 240,000 corporate users overall.

The WannaCry attack was industry-agnostic, and victims were mainly organizations with networked systems. The ransomware also hit embedded systems. These often run on legacy OS and are therefore particularly vulnerable. Victims received a ransom demand to be paid in bitcoins.

Fedor Sinitsyn, Senior Malware Analyst at Kaspersky Lab, said: “The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down. Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up to keep the business operational. New business-focused infection vectors, such as through remote desktop systems are not surprisingly also on the rise.”

The No More Ransom initiative, launched in July 2016 offers free decryption tools for some ransomware variants and advice, the cyber firm adds. The project brings together law enforcers and cyber-security vendors to disrupt the big ransomware families, seeking to help individuals to get their data back and undermining the criminals’ lucrative business model.

For the Story of the Year 2017: Ransomware’s new menace visit https://securelist.com/ksb-story-of-the-year-2017/83290/.

Related News

  • Cyber

    Protection through data collection

    by Mark Rowe

    The continued digitalisation and technological transformation of our economy and society means that there are increasingly more operations susceptible to a host…

  • Cyber

    CTO of 2021

    by Mark Rowe

    Balancing productivity and cyber security is key to success, writes Dan Davies, pictured, Chief Technology Officer, at cloud and managed services company…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing