In 2017, 26.2 per cent those targeted by ransomware were business users, compared to 22.6 per cent in 2016. This is due in part to three unprecedented attacks targeting corporate networks that changed forever the landscape for this increasingly virulent threat, according to Kaspersky Lab.

 

2017 will be remembered as the year the ransomware threat suddenly and spectacularly evolved with advanced threat actors targeting businesses the world over with a series of destructive worm-powered attacks whose ultimate goal remains a mystery.

 

These attacks included WannaCry on May 12, ExPetr on June 27, and BadRabbit in late October. They all used exploits designed to compromise corporate networks. Businesses were also targeted by other ransomware and the company prevented ransomware infections on over 240,000 corporate users overall.

 

“The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down. Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems are not surprisingly also on the rise,” said Fedor Sinitsyn, Senior Malware Analyst, Kaspersky Lab.

 

Other ransomware trends in 2017

  • Overall, just under 950,000 unique users were attacked in 2017, compared to around 1.5 million in 2016 – with the difference between them largely a reflection of detection methodology (for example: the downloaders often associated with cryptomalware are now better detected by heuristic technologies, so not classified together with the ransomware-related verdicts collected by our telemetry.)
  • The three major attacks, as well as other, less notorious families including AES-NI and Uiwix, used sophisticated exploits leaked online in spring 2017 by a group known as the Shadow Brokers.
  • There was a marked decline in new families of ransomware: 38 in 2017, down from 62 in 2016, with a corresponding increase in modifications to existing ransomware (over 96,000 new modifications detected in 2017, compared to 54,000 in 2016). The rise in modifications may reflect attempts by attackers to obfuscate their ransomware as security solutions get better at detecting them.
  • From the second quarter of 2017, a number of groups ended their ransomware activities and published the keys needed to decrypt files. These included AES-NI, xdata, Petya/Mischa/GoldenEye and Crysis. Crysis later reappeared – possibly raised from the dead by a different group.
  • The growing trend for infecting companies through remote desktop systems continued in 2017, when this approach became one of the main propagation methods for several widespread families, such as Crysis, Purgen/GlobeImposter and Cryakl.
  • 65 per cent of businesses that were hit by ransomware in 2017, said they lost access to a significant amount or even all their data; and one in six of those who paid up never recovered their data. These numbers are largely consistent with 2016.

 

Fortunately, the No More Ransom initiative, launched in July 2016 is thriving. The project brings together law enforcement and security vendors to track down and disrupt the big ransomware families, helping individuals to get their data back and undermining the criminals’ lucrative business model.

 

All Kaspersky Lab products protect users from ransomware. The company’s products also include a layer of technology: System Watcher that can block and roll back malicious changes made on a device, such as the encryption of files or blocked access to the monitor. Further, a free anti-ransomware tool is available for all businesses, regardless of which brand of security software they use.

 

Alongside this, Kaspersky Lab publishes regular threat intelligence overviews of the evolving ransomware landscape, for instance, here and here.

 

The full text of the Story of the Year 2017: Ransomware’s new menace is available here.

 

The report forms part of the annual Kaspersky Security Bulletin. Other sections of the bulletin include the Threat Predictions for 2018 published on 15 November and available here, and the annual Review and Statistics, available in December.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Akamai Announces New Services, Research and Partnerships to Help Customers ‘Connect to Tomorrow’
Techworld Date Posted: 24 October 2017 2:20 PM | 260 Views
Akamai Technologies announced its vision for an integrated approach to delivering world class digital experiences at the ‘EDGE’ Conference – its annual customer event. With customers looking for the fastest online services backed by.... See More
 
Akamai Announces New Services, Research and Partnerships to Help Customers ‘Connect to Tomorrow’
Techworld Date Posted: 2:20 PM | 260 Views
Akamai Technologies announced its vision for an integrated approach to delivering world class digital experiences at the ‘EDGE’ Conference – its annual customer event. With customers looking for the fastest online services backed by...See More

 
NVIDIA Announces GeForce GTX Destiny 2 Bundle and a Comprehensive Graphics and Performance Guide
Techworld Date Posted: 19 October 2017 2:21 PM | 194 Views
The Destiny franchise is coming to PC for the first time in history on October 24, 2017 with the upcoming release of Destiny 2, and NVIDIA has been partnering with Bungie and Activision on.... See More
 
NVIDIA Announces GeForce GTX Destiny 2 Bundle and a Comprehensive Graphics and Performance Guide
Techworld Date Posted: 2:21 PM | 194 Views
The Destiny franchise is coming to PC for the first time in history on October 24, 2017 with the upcoming release of Destiny 2, and NVIDIA has been partnering with Bungie and Activision on...See More

 
Introducing the new special editions to the moto g family moto G5s and moto G5s plus
Techworld Date Posted: 14 October 2017 2:30 PM | 377 Views
Motorola continues to bring unique and intuitive user experiences that Filipinos love and the two new additions to its moto g family: moto g5s and moto g5s plus, come with the latest innovations in.... See More
 
Introducing the new special editions to the moto g family moto G5s and moto G5s plus
Techworld Date Posted: 2:30 PM | 377 Views
Motorola continues to bring unique and intuitive user experiences that Filipinos love and the two new additions to its moto g family: moto g5s and moto g5s plus, come with the latest innovations in...See More

 
Fortinet Predicts Highly Destructive and Self-Learning “Swarm” Cyber Attacks in 2018
Techworld Date Posted: 13 December 2017 4:02 PM | 193 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today unveiled predictions from the Fortinet FortiGuard Labs global research team about the threat landscape for 2018. The trends reveal the methods and strategies.... See More
 
Fortinet Predicts Highly Destructive and Self-Learning “Swarm” Cyber Attacks in 2018
Techworld Date Posted: 4:02 PM | 193 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today unveiled predictions from the Fortinet FortiGuard Labs global research team about the threat landscape for 2018. The trends reveal the methods and strategies...See More

 
Five Short YouTube Docus That Deserve a Spot on Your Playlist Right Now
Techworld Date Posted: 15 September 2018 2:32 PM | 195 Views
In between life hacks and viral videos, YouTube has an exciting selection of thought-provoking documentaries and informative videos that are just as entertaining as they are enlightening.. See More
 
Five Short YouTube Docus That Deserve a Spot on Your Playlist Right Now
Techworld Date Posted: 2:32 PM | 195 Views
In between life hacks and viral videos, YouTube has an exciting selection of thought-provoking documentaries and informative videos that are just as entertaining as they are enlightening.See More

Frank Emmanuel Trazo
Adaptability and Stability
Techworld • By: Frank Emmanuel Trazo | Date Posted: 2 August 2017 2:42 PM | 492 Views
California-based multinational computer technology corporation Oracle continues to push on innovating their Security Operation Center (SOC) cloud service, a cloud-native, management, and identity-based platform designed for every company's security systems. Oracle aims to improve.... See More
Frank Emmanuel Trazo
Adaptability and Stability
Techworld • By: Frank Emmanuel Trazo | Date Posted: 2:42 PM | 492 Views
California-based multinational computer technology corporation Oracle continues to push on innovating their Security Operation Center (SOC) cloud service, a cloud-native, management, and identity-based platform designed for every company's security systems. Oracle aims to improve...See More

 
ADATA XPG SPECTRIX D80 RGB Memory Module with Liquid Nitrogen Cooling Hits 5531MHz Mark
Techworld Date Posted: 1 June 2018 10:45 AM | 357 Views
ADATA® Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, announces that it has overclocked its XPG SPECTRIX D80 RGB DDR4 memory module to 5531MHz in a liquid-nitrogen-cooled configuration. . See More
 
ADATA XPG SPECTRIX D80 RGB Memory Module with Liquid Nitrogen Cooling Hits 5531MHz Mark
Techworld Date Posted: 10:45 AM | 357 Views
ADATA® Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, announces that it has overclocked its XPG SPECTRIX D80 RGB DDR4 memory module to 5531MHz in a liquid-nitrogen-cooled configuration. See More

 
1-in-4 Would Rather Be Caught Naked Than Go Without Their Connected Device
Techworld Date Posted: 28 August 2018 5:07 PM | 155 Views
From helping us get from A to B, to ordering food and staying in touch with friends, the digital world has now become so ingrained in our daily lives that not having internet access.... See More
 
1-in-4 Would Rather Be Caught Naked Than Go Without Their Connected Device
Techworld Date Posted: 5:07 PM | 155 Views
From helping us get from A to B, to ordering food and staying in touch with friends, the digital world has now become so ingrained in our daily lives that not having internet access...See More

 
Institute for Information Industry Gathers International and Domestic STEAM Strength to Realize Future Education Dreams
Techworld Date Posted: 23 September 2017 11:54 AM | 198 Views
In the trend of STEAM education and computational thinking, Digital Education Institute (DEI) of Institute for Information Industry in Taiwan (III) held the event of "TalenTech 2017" from September 10th to 12th with the.... See More
 
Institute for Information Industry Gathers International and Domestic STEAM Strength to Realize Future Education Dreams
Techworld Date Posted: 11:54 AM | 198 Views
In the trend of STEAM education and computational thinking, Digital Education Institute (DEI) of Institute for Information Industry in Taiwan (III) held the event of "TalenTech 2017" from September 10th to 12th with the...See More

 
As Data Volumes Explode, Toshiba and Helium Help the Cloud Float to New Capacity Highs
Techworld Date Posted: 26 April 2018 5:31 PM | 408 Views
Storing digisnaps of places visited and meals eaten, archiving documents, sharing conference materials with colleagues; these days it’s becoming second nature to store all sorts of data in the cloud, where it’s safe until.... See More
 
As Data Volumes Explode, Toshiba and Helium Help the Cloud Float to New Capacity Highs
Techworld Date Posted: 5:31 PM | 408 Views
Storing digisnaps of places visited and meals eaten, archiving documents, sharing conference materials with colleagues; these days it’s becoming second nature to store all sorts of data in the cloud, where it’s safe until...See More


Power by

Download Free AZ | Free Wordpress Themes