IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Russian hackers 'are behind 75% of crypto ransomware'

Research: Ransomware hits a business every 40 seconds

Hacker in front of a Russian flag

Russian-speaking criminal gangs are responsible for over 75% of crypto ransomware, new research announced at RSA Conference 2017 claims.

A total 47 of the 62 new crypto ransomware families discovered by Kaspersky Lab in 2016 can be tied to Russian-speaking groups or individuals. This conclusion is reportedly based on "observation of underground forums, command and control infrastructure, and other artefacts".

"It is hard to draw strong conclusions on why so many of the ransomware families out there have a Russian origin," wrote senior malware analyst Anton Ivanov in a SecureList blog, "but it is safe to say that this is because there are a lot of well-educated and skilled code writers in Russia and its neighboring countries."

Ivanov also cited the fact that Russia has a strong history of ransomware, linking the current epidemic to a wave of attacks from 2009 to 2011, which blocked access to browsers and operating systems in exchange for a fee. "The epidemic withered for a number of reasons," he said, "but it seems that experienced ransomware criminals haven't disappeared".

Other statistics revealed as part of the research include the fact that in Q3 2016, an individual was hit with a ransomware attack every ten seconds while a business was attacked every 40 seconds. Furthermore, one in five SMBs who ponied up the cash for the ransom still did not get their data decrypted.

The news comes at a time when fears of Russian hackers are at an all-time high. Debate still rages over whether or not Putin ordered state-sponsored hacks during the US election, and President Donald Trump's top national security advisor, Michael Flynn, resigned just this morning over leaks showing he had held discussions with the Russian ambassador over sanctions, before allegedly trying to cover the discussions up, though Flynn said he had accidentally misinformed the president over the nature of his talks.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
US government warns of increased risk of ransomware over holiday season
ransomware

US government warns of increased risk of ransomware over holiday season

24 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Microsoft to double salary budget to retain workers
Careers & training

Microsoft to double salary budget to retain workers

17 May 2022