Ransomware continues to spread quickly and widely across the world, tightening its hold on the data and devices of both individuals and businesses.
Over the last year, ransomware has grown in sophistication and diversity. Kaspersky's Security Bulletin the evolution of ransomware, including key developments from the last 12 months, including the main trends and discoveries, as well as what measures are being taken to fight back against it.
A business is attacked by ransomware every 40 seconds
Attacks on businesses increased three-fold between January and the end of September, rising from an attack every two minutes to one every 40 seconds. For individuals, the rate of increase went from every 20 seconds to every 10 seconds. Overall, 23.9% of ransomware attacks are targeting corporates, up from 17% at the beginning of 2016.
.
A quarter of all users were attacked by CTB-Locker ransomware
Cerber and Locky arrived in the early spring; nasty, virulent strains of ransomware that are propagated widely through spam attachments and exploit kits. CryptXXX appeared a little later on, but established itself with the other two as a major player', targeting individuals and corporates. All three families continue to evolve alongside well-established incumbents such as CTB-Locker, CryptoWall and Shade.
.
42% of small and medium-sized businesses were hit by ransomware last year
According to Kaspersky Lab research, in 2016, one in five businesses worldwide suffered an IT security incident as a result of a ransomware attack. As a result, small and medium-sized businesses are increasingly struggling with ransomware attacks, with 42% of them being hit by ransomware in the last 12 months. Of those affected, 32% paid the ransom, but one in five never got their files back, even after paying.
.
The number of new ransomware modifications has increased by eleven-fold
62 new ransomware families appeared in 2016, bringing with them a vast increase in the number of new ransomware modifications: 32,091 in Q3 from 2,900 in Q1, an increase of 11-fold. Locky ransomware, a new addition last spring, has so far been spread across 114 countries.
.
One in five IT and education businesses was affected by ransomware
Social engineering and human error remain key factors in corporate vulnerability. One in five cases involving significant data loss came about through employee carelessness or lack of awareness. Some industry sectors, including education and IT/telecoms are harder hit than others, but the research shows that all industries are at risk; there's no such thing as a low-risk sector any more.
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
