Ransomware Jumps Threefold in 2016

[Exterminator]

Ransomware attacks on businesses grew threefold this year to reach one every 40 seconds by October, according to new data from Kaspersky Lab.

The Russian AV firm claimed that attacks came once every two minutes at the start of the year.

For individuals it was even worse, with Kaspersky Lab calculating one attack every 10 seconds by Q3, up from once every 20 seconds at the beginning of the year.

Some 20% of organizations worldwide suffered an IT incident as the result of a ransomware infection this year, and the same percentage of small businesses never got their files back even after paying up.

That chimes with separate research from Trend Micro from earlier this year which claimed that one in five UK firms it polled were left without a decryption key after they paid the ransom.

While Kaspersky Lab was at pains to point out there’s no such thing as a low-risk sector, education was worst hit, accounting for 23% of all attacks, while retail and leisure (16%) was least affected.

So far the vendor has discovered 62 new ransomware families.

The continued rise in ransomware is attributed in part to the success of the ransomware-as-a-service model, which has democratized the means of launching such attacks to a broad sweep of cyber-criminals.

“The classic ‘affiliate’ business model appears to be working as effectively for ransomware as it does for other types of malware. Victims often pay up so money keeps flowing through the system,” said Fedor Sinitsyn, senior malware analyst, Kaspersky Lab.

“Inevitably this has led to us seeing new cryptors appear almost daily.”

Trend Micro claimed in a report this week that new ransomware families discovered soared 400% between January and September, but growth next year will drop to 25%, it added.

However, we’re likely to see such malware increasingly bundled in with data breaches as cyber-criminals look to maximize their profits.

 

[Tony Cole]

What has changed - CryptoWall 3 and 4 couldn't be decrypted, yet a lot of new ransomware Emsisoft and others are able to create software to decrypt the encryption technologies employed?

 

[cruelsister]

Tony- although any decryptor is welcome, don't be all that much secure when you hear that a new one is released. They tend to be for script-kiddie stuff of limited distribution or older varieties of things like Cerber, which once broken will see a new version released that is proof from decryption. Then you have the most prevalent- Locky variants- no luck with these either.

 

[Tony Cole]

Thanks cruelsister!

 

[jamescv7]

Trend Micro claimed in a report this week that new ransomware families discovered soared 400% between January and September, but growth next year will drop to 25%, it added.

Not surprised, huge attacks occurred based on trending scenarios.

Once it became common then the production is already at slow stage, developers are focusing more on having dramatic revenues/income to gain.