The number of users attacked with encryption ransomware is soaring, with 718,536 users hit between April 2015 and March 2016: an increase of 5.5 times compared to the same period in 2014-2015. The irreversible consequences of this kind of malware infection, along with the high value data that is being encrypted by ransomware, tempts victims to pay for decryption, which in turn draws more cybercriminals into the business.
It’s no secret that crypto-ransomware, which encrypts data on users’ systems has become a huge problem for cybersecurity over the last few years. It has become so widespread that it could easily be called an epidemic. To understand its scale, the It security product firm Kaspersky Lab has researched how the ransomware threat has evolved over a period of 24 months. The company’s analysis includes attack statistics for classic screen-blocker ransomware as well as crypto-ransomware. The report covers the full two-year period, which for comparison reasons has been divided into two parts of 12 months each: from April 2014 to March 2015 and from April 2015 to March 2016. These timescales were chosen because they witnessed several significant changes in the ransomware threat landscape, the firm says.
Key findings:
The total number of users encountering any type of ransomware between April 2015 and March 2016 increased by 17.7 per cent compared to the period April 2014 to March 2015 – from 1,967,784 to 2,315,931 users around the world;
The number of users attacked with crypto-ransomware rose 5.5 times, from 131,111 in 2014-2015 to 718,536 in 2015-2016;
The share of users encountering ransomware at least once as a proportion of the total number of users encountering malware rose 0.7 per cent, from 3.63 per cent in 2014-2015 to 4.34 per cent in 2015-2016;
The share of users encountering crypto-ransomware as a proportion of those encountering ransomware rose dramatically – up 25 per cent, from 6.6 per cent in 2014-2015 to 31.6 per cent in 2015-2016;
The number of users attacked with blockers (ransomware that locks screens) decreased by 13.03 per cent, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016;
Germany, Italy and the US are the countries with the highest percentage of users attacked with encryption ransomware.
Fedor Sinitsyn, Senior Malware Analyst at Kaspersky Lab said: “The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay. That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily. Companies and regular users can protect themselves by implementing regular backups, using a proven security solution and keeping themselves informed about current cybersecurity risks. The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures.”
