跳到主体内容

Attacks on Business Now Equal One Every 40 Seconds: Ransomware is Kaspersky Lab’s Story of the Year 2016

2016年12月9日

In 2016 ransomware attacks on business increased three-fold: which represents a change from an attack every 2 minutes in January to one every 40 seconds by October

In 2016 ransomware attacks on business increased three-fold: which represents a change from an attack every 2 minutes in January to one every 40 seconds by October.  For individuals the rate of increase went from every 20 seconds to every 10 seconds.With more than 62 new families of ransomware introduced during the year, the threat grew so aggressively that Kaspersky Lab has named ransomware its key topic for 2016.

The Story of the Year paper forms part of Kaspersky Lab’s annual Kaspersky Security Bulletin that looks back over the year’s major threats and data and predicts what to expect in 2017.

Among other things, 2016 revealed the extent to which the Ransomware-as-a-Service business model now appeals to criminals who lack the skills, resources or inclination to develop their own. Under the arrangement, code creators offer their malicious product ‘on demand’, selling uniquely modified versions to customers who then distribute it through spam and websites, paying a commission to the creator – the main financial beneficiary.

 “The classic ‘affiliate’ business model appears to be working as effectively for ransomware as it does for other types of malware. Victims often pay up so money keeps flowing through the system.  Inevitably this has led to us seeing new cryptors appear almost daily,” said Fedor Sinitsyn, Senior Malware Analyst, Kaspersky Lab.

The Evolution of Ransomware in 2016

In 2016, ransomware continued its rampage across the world, becoming more sophisticated and diverse and tightening its hold on data and devices, individuals and businesses.

  • Attacks on businesses increased significantly. According to Kaspersky Lab research, one in every five businesses worldwide suffered an IT security incident as a result of a ransomware attack and one in every five smaller business never got their files back, even after paying.
  • Some industry sectors were harder hit than others, but our research shows there is no such thing as a low-risk sector: with the highest rate of attack around 23% (Education) and the lowest 16% (Retail and Leisure).
  • 'Educational’ ransomware, developed to give system administrators a tool to simulate ransomware attacks was quickly and ruthlessly exploited by criminals, giving rise to Ded_Cryptor and Fantom, among others.
  • New approaches to ransomware attacks seen for the first time in 2016 included disk encryption, where attackers block access to, or encrypt, not just a couple of files, but all of them at once – Petya is one example. Dcryptor, also known as Mamba, went one step further, locking down the entire hard drive, with the attackers brute-forcing passwords for remote access to a victim machine. 
  • The ransomware Shade demonstrated ability to change its approach to a victim if an infected computer turned out to belong to financial services, downloading and installing spyware instead of encrypting the victim’s files.
  • There was a marked rise in low-quality; unsophisticated ransomware Trojans with software flaws and sloppy errors in the ransom notes – increasing the likelihood of victims never recovering their data.

attacks-on-business-now

Fortunately, 2016 also saw the world begin to unite to fight back. The No More Ransom project, launched in July, brings together law enforcement and security vendors to track down and disrupt the big ransomware families, helping individuals to get their data back and undermining the criminals’ lucrative business model.

The latest versions of Kaspersky Lab products for smaller companies have been enhanced with anti-cryptomalware functionality.  In addition, a new, free anti-ransomware tool has been made available for all businesses to download and use, regardless of the security solution they use.

The full text of the report “Kaspersky Security Bulletin 2016 – Story of the Year: The Ransomware Revolution” is available here. It also includes advice on how to stay safe and why not to pay the ransom.

Further information on the No More Ransom project can be found here.

Other sections of the Kaspersky Security Bulletin include the Threat Predictions 2017 published on 16 November and available here, and the main report’s Executive Summary, Review and Statistics, available in December.

Attacks on Business Now Equal One Every 40 Seconds: Ransomware is Kaspersky Lab’s Story of the Year 2016

In 2016 ransomware attacks on business increased three-fold: which represents a change from an attack every 2 minutes in January to one every 40 seconds by October
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻