Looking back over the events of 2016, one thing was made very clear by cybercriminals: ransomware is a rising star in their arsenal. In order to continue to remain protected against these threats, it is critical to have a clear understanding of them.
What Ransomware Has Done
Ransomware is a variety of malware that encrypts a user’s data, making it inaccessible to them. The malware distributor can then make a profit by, as the name would suggest, collecting a ransom from the victim in exchange for access to the files that the malware has locked away. This approach to cyber crime has exploded in popularity, increasing by 752 percent and netting distributors $1 billion just in 2016.
These infections overwhelmingly came from spam emails, assuming that these numbers match the proportions that Trend Micro managed to prevent. 79 percent of the ransomware attacks that Trend Micro detected came in via spam emails, while 20 percent originated from a distrustworthy web page.
Ransomware in 2016 was also increasingly spread out to different types of targets, striking not only enterprises, but also educational institutions, healthcare providers, government offices and the typical SMB.
Where Ransomware Comes From
The first appearance of ransomware was in the mid-2000s, when Russia saw a breakout of a program that would password-protect files and would leave a note demanding $300 in exchange for them. While at first only common file types were vulnerable, mobile phones and even the master boot record of a system were soon at risk of being sealed up by ransomware.
This threat quickly spread around the world and became more dangerous than ever. Rather than just keeping the victim’s files locked until they paid up, ransomware infections began to delete files if the ransom was not paid within a certain timeframe.
Why You Need to Worry
First, there have already been major ransomware attacks that have been launched on a global scale this year. WannaCry caused panic in Europe and the United States. Frankly, cybercriminals seem to have found a method that works well enough for them to continue, and so there is no reason for them to stop deploying ransomware.
If you run a business, you are at an increased chance of being targeted by a ransomware distributor. This can be attributed to the simple fact that cybercriminals will want to extort the largest amount of money possible. As a result, they are much more likely to target entities who handle larger quantities of money--entities like businesses.
Not to mention, many ransomware developers have embraced the online marketplace and are using it to make a profit with their programs. This has led to the creation of Ransomware-as-a-Service, where another aspiring cybercriminal can purchase the malware to use for a fee, or for a cut of their ill-gotten gains. There are also open-source varieties of ransomware that may be found online for free. To reiterate, these aren’t protections against ransomware, but the ransomware that users can deploy and spread on purchase.
Considering the explosion in ransomware’s popularity as an accessible example of malware, it is only more important that you learn the keys to avoiding infection. First and foremost, a healthy dose of suspicion should be associated with any unexpected emails, especially if they come from an unknown source. Secondly, be cautious as you surf the Internet, as it only takes one less-than-trustworthy site to infect your system.
Still have questions about ransomware? Want to do all you can to protect your business from it? The professionals at SCW can help. Call (509) 534-1530 today.
About the author
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote is first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.
Mobile? Grab this Article!
Tag Cloud
Comments