The Windows Club

Ransomware Growth and Infection Statistics

Cyber threats have made big shifts in the recent past. Attackers have further honed their ability to target attacks and evade conventional cyber defenses. The Ransomware threat has come roaring in record volumes and new forms. At the same time, malware designed to steal bank account credentials surged in highly tailored attack campaigns. The hackers mostly used social media and mobile devices as the primary target of ransomware as these were the sectors that saw the biggest growth with respect to overall volume.

Ransomware growth

Ransomware has grown at an alarming rate in 2016. It uses Email & Social Engineering to enter your computer systems. The variety of new ransomware has grown tenfold over Q4 2015, and it continues to increase – especially the strains delivered by exploit kits (EK). Among these EK-distributed variants, and in smaller email campaigns, CryptXXX remained the dominant ransomware payload.

The number of new ransomware families we have seen to date in 2016 alone has already eclipsed the total 2015 volume by over 170%.

The volume of malicious email with JavaScript attachments rose a whopping 69% compared to last quarter. Even new campaigns broke into more than 100 million email messages. JavaScript attachments are the clear winner when it comes to ransomware on email. Locky ransomware actors have worked cleverly to develop attachments that can bypass traditional defense mechanism. A user will thus click on the attachment, because of its harmless appearance.

Most emails with malicious documents attached featured the popular ransomware strain Locky ransomware. Among the billions of messages that used malicious document attachments, around 97% featured Locky ransomware, that is an alarming 64% increase from Q1 2016 when it was first discovered, say this report.

The wild card entry for this quarter was the Trojan Dridex. It reemerged in larger campaigns and also appeared in highly personalized campaigns totaling tens to hundreds of thousands of messages, a trend that began in Q2 and continued into Q3. The trojans were also used for Malvertising – a practice that involves a combination of malware and genuine-looking online advertising codes.

Along with Ransomware distribution and infection, extortion has seen a natural growth. While some studies predict that around $200 million was paid to thieves in 2016, the FBI says it is much more than $1 Billion. This is mostly because the ransom demand per hack has gone up considerably from $250 to almost $700 this year.

Read: Incidence of Ransomware in India.

While many are falling prey to Ransomware attacks, some are clever enough to have dealt with it better. The majority of organizations invest in Ransomware prevention every year. Thus, 80% of the organizations are confident that their backups will help protect them from paying ransomware, and half of them actively backup and test this feature.