In 2017, 26.2 per cent those targeted by ransomware were business users, compared to 22.6 per cent in 2016. This is due in part to three unprecedented attacks targeting corporate networks that changed forever the landscape for this increasingly virulent threat, according to Kaspersky Lab.

 

2017 will be remembered as the year the ransomware threat suddenly and spectacularly evolved with advanced threat actors targeting businesses the world over with a series of destructive worm-powered attacks whose ultimate goal remains a mystery.

 

These attacks included WannaCry on May 12, ExPetr on June 27, and BadRabbit in late October. They all used exploits designed to compromise corporate networks. Businesses were also targeted by other ransomware and the company prevented ransomware infections on over 240,000 corporate users overall.

 

“The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down. Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems are not surprisingly also on the rise,” said Fedor Sinitsyn, Senior Malware Analyst, Kaspersky Lab.

 

Other ransomware trends in 2017

  • Overall, just under 950,000 unique users were attacked in 2017, compared to around 1.5 million in 2016 – with the difference between them largely a reflection of detection methodology (for example: the downloaders often associated with cryptomalware are now better detected by heuristic technologies, so not classified together with the ransomware-related verdicts collected by our telemetry.)
  • The three major attacks, as well as other, less notorious families including AES-NI and Uiwix, used sophisticated exploits leaked online in spring 2017 by a group known as the Shadow Brokers.
  • There was a marked decline in new families of ransomware: 38 in 2017, down from 62 in 2016, with a corresponding increase in modifications to existing ransomware (over 96,000 new modifications detected in 2017, compared to 54,000 in 2016). The rise in modifications may reflect attempts by attackers to obfuscate their ransomware as security solutions get better at detecting them.
  • From the second quarter of 2017, a number of groups ended their ransomware activities and published the keys needed to decrypt files. These included AES-NI, xdata, Petya/Mischa/GoldenEye and Crysis. Crysis later reappeared – possibly raised from the dead by a different group.
  • The growing trend for infecting companies through remote desktop systems continued in 2017, when this approach became one of the main propagation methods for several widespread families, such as Crysis, Purgen/GlobeImposter and Cryakl.
  • 65 per cent of businesses that were hit by ransomware in 2017, said they lost access to a significant amount or even all their data; and one in six of those who paid up never recovered their data. These numbers are largely consistent with 2016.

 

Fortunately, the No More Ransom initiative, launched in July 2016 is thriving. The project brings together law enforcement and security vendors to track down and disrupt the big ransomware families, helping individuals to get their data back and undermining the criminals’ lucrative business model.

 

All Kaspersky Lab products protect users from ransomware. The company’s products also include a layer of technology: System Watcher that can block and roll back malicious changes made on a device, such as the encryption of files or blocked access to the monitor. Further, a free anti-ransomware tool is available for all businesses, regardless of which brand of security software they use.

 

Alongside this, Kaspersky Lab publishes regular threat intelligence overviews of the evolving ransomware landscape, for instance, here and here.

 

The full text of the Story of the Year 2017: Ransomware’s new menace is available here.

 

The report forms part of the annual Kaspersky Security Bulletin. Other sections of the bulletin include the Threat Predictions for 2018 published on 15 November and available here, and the annual Review and Statistics, available in December.


RECOMMENDED ARTICLE FOR TECHWORLD


PCBG Contributing Writer
Making Money from Lootboxes
Techworld • By: PCBG Contributing Writer | Date Posted: 6 March 2018 4:10 PM | 280 Views
Some people make money from gaming. There are gaming commentators on the web. Some play in tournaments. Others develop gaming apps. But what if you’re just some guy on your computer seat, and you’re.... See More
PCBG Contributing Writer
Making Money from Lootboxes
Techworld • By: PCBG Contributing Writer | Date Posted: 4:10 PM | 280 Views
Some people make money from gaming. There are gaming commentators on the web. Some play in tournaments. Others develop gaming apps. But what if you’re just some guy on your computer seat, and you’re...See More

 
Must-Have Christmas Bundles on Your Shopping List
Techworld Date Posted: 14 December 2018 4:45 PM | 116 Views
Everyone’s favourite holiday is a few carols away. To help everyone check off items on their holiday shopping lists, HMD Global, the home of Nokia phones, offers timely and reliable gift ideas that will.... See More
 
Must-Have Christmas Bundles on Your Shopping List
Techworld Date Posted: 4:45 PM | 116 Views
Everyone’s favourite holiday is a few carols away. To help everyone check off items on their holiday shopping lists, HMD Global, the home of Nokia phones, offers timely and reliable gift ideas that will...See More

 
Chafer Cyberespionage Group Targets Embassies with Updated Homebrew Spyware
Techworld Date Posted: 7 February 2019 2:07 PM | 154 Views
Kaspersky Lab researchers have detected multiple attempts to infect foreign diplomatic entities in Iran with homebrew spyware. The attacks appear to be using an updated Remexi backdoor. Several legitimate tools were also used during.... See More
 
Chafer Cyberespionage Group Targets Embassies with Updated Homebrew Spyware
Techworld Date Posted: 2:07 PM | 154 Views
Kaspersky Lab researchers have detected multiple attempts to infect foreign diplomatic entities in Iran with homebrew spyware. The attacks appear to be using an updated Remexi backdoor. Several legitimate tools were also used during...See More

 
Fortinet Continues Commitment to Close the Cyber Skills Gap though Its NSE Institute Training and Certification Program
Techworld Date Posted: 11 May 2019 11:09 AM | 74 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has continued to lead the way on training and education in the company’s ongoing efforts to close the cyber security skills.... See More
 
Fortinet Continues Commitment to Close the Cyber Skills Gap though Its NSE Institute Training and Certification Program
Techworld Date Posted: 11:09 AM | 74 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has continued to lead the way on training and education in the company’s ongoing efforts to close the cyber security skills...See More

 
Nokia Mobile Store, Kiosks Open in SM Malls
Techworld Date Posted: 28 May 2018 4:27 PM | 425 Views
In line with its goal of connecting the world one Nokia phone at a time, HMD Global, the home of Nokia phones, is excited to announce the opening of its new Nokia mobile concept.... See More
 
Nokia Mobile Store, Kiosks Open in SM Malls
Techworld Date Posted: 4:27 PM | 425 Views
In line with its goal of connecting the world one Nokia phone at a time, HMD Global, the home of Nokia phones, is excited to announce the opening of its new Nokia mobile concept...See More

 
Fortinet Secures the Path to 5G with Proven Security Architecture and Solutions
Techworld Date Posted: 5 March 2019 3:51 PM | 196 Views
Fortinet (NASDAQ: FTNT), a global leader in broad, integrated and automated cyber security solutions, has announced extensive capabilities for securing the path to 5G with its expansive breadth and depth of solutions for mobile.... See More
 
Fortinet Secures the Path to 5G with Proven Security Architecture and Solutions
Techworld Date Posted: 3:51 PM | 196 Views
Fortinet (NASDAQ: FTNT), a global leader in broad, integrated and automated cyber security solutions, has announced extensive capabilities for securing the path to 5G with its expansive breadth and depth of solutions for mobile...See More

 
KINGMAX’s Entry-Level M.2 PCIe SSD PJ3280 Satisfies the Need for Upgrades Where Speed Is of Paramount Importanc
Techworld Date Posted: 30 August 2018 4:56 PM | 208 Views
KINGMAX, a world-renowned professional memory manufacturer, has consummated its product line of M.2 2280 PCIe NVMe solid-state drives (SSDs). See More
 
KINGMAX’s Entry-Level M.2 PCIe SSD PJ3280 Satisfies the Need for Upgrades Where Speed Is of Paramount Importanc
Techworld Date Posted: 4:56 PM | 208 Views
KINGMAX, a world-renowned professional memory manufacturer, has consummated its product line of M.2 2280 PCIe NVMe solid-state drives (SSDs)See More

 
Lian Li Strimer RGB Cable Now Available for Pre-Order
Techworld Date Posted: 13 July 2018 2:28 PM | 860 Views
Lian Li Industrial Co. Ltd., world’s leading manufacturer of aluminum chassis for enthusiasts, custom OEM/ODM case solutions and case accessories is proud to announce that the world’s most innovative cable extension, Lian Li Strimer.... See More
 
Lian Li Strimer RGB Cable Now Available for Pre-Order
Techworld Date Posted: 2:28 PM | 860 Views
Lian Li Industrial Co. Ltd., world’s leading manufacturer of aluminum chassis for enthusiasts, custom OEM/ODM case solutions and case accessories is proud to announce that the world’s most innovative cable extension, Lian Li Strimer...See More

 
Nokia 8 Flagship Android Smartphone Arrives in PH
Techworld Date Posted: 30 September 2017 11:39 AM | 308 Views
Ending weeks of anticipation, HMD Global unveils Nokia's new flagship smartphone, the Nokia 8, today at the Intramuros Ballroom, Manila House, Taguig.. See More
 
Nokia 8 Flagship Android Smartphone Arrives in PH
Techworld Date Posted: 11:39 AM | 308 Views
Ending weeks of anticipation, HMD Global unveils Nokia's new flagship smartphone, the Nokia 8, today at the Intramuros Ballroom, Manila House, Taguig.See More

 
Parental Police: Being ‘bad cop’ Isn’t Shielding Kids from Online Threats
Techworld Date Posted: 25 April 2018 4:45 PM | 400 Views
The risks associated with growing up in an online world are not only giving parents a headache, but the time their children are spending online is a real cause for concern. As a result,.... See More
 
Parental Police: Being ‘bad cop’ Isn’t Shielding Kids from Online Threats
Techworld Date Posted: 4:45 PM | 400 Views
The risks associated with growing up in an online world are not only giving parents a headache, but the time their children are spending online is a real cause for concern. As a result,...See More


Power by

Download Free AZ | Free Wordpress Themes