Because the data held for ransom is high value and irretrievable unless the ransom is paid, victims are often left with no other choice than to pay, which in turn draws more cybercriminals into action. In fact, the frequency of attacks is growing so quickly, it could be labeled as epidemic.
There are two types of ransomware: the classic screen-blocker form as well as crypto-ransomware. In a report by Kapersky Lab, the total number of users encountering any type of ransomware between April 2015 and March 2016 increased by 17.7% year over year from 1 967 784 to 2 315 931 users around the world. The number of users attacked with crypto-ransomware rose 5.5 times from 131 111 to 718 536 in.
The share of users encountering ransomware at least once as a proportion of the total number of users encountering malware rose from 3.63% 4.34%.
The share of users hit by crypto-ransomware rose dramatically – up 25%, while the number of users attacked with blockers (ransomware that locks screens) decreased by 13.03% (1,836,673 to 1, 597,395).
The average individual can expect to pay a couple of hundred dollars to free up their data after an attack. These attacks often go unreported, making it difficult to know just how much extortion money is paid each year.
In April, CNBC estimated the cost of ransomware at around $200 million in the first three months of 2016 alone. Late last year, the Cyber Threat Alliance stated that a single piece of ransomware, CrytopWall v3, resulted in an estimated $325 million in damages worldwide over the course of its lifetime. And as far back as June 2014, the FBI issued a report saying CryptoLocker swindled more than $27 million from users over a two-month period.
As crypto-ransomware is one of the most dangerous types of malware ever created, and the consequences of it can be very severe, it is important to know how to protect yourself or your business.
Kaspersky Lab offers some tips to consumers:
* Back-up is a must. The sooner back-up becomes yet another rule in your day-to-day PC activity, the sooner you will become invulnerable to any kind of ransomware.
* Use a reliable security solution. And when using it do not turn off the advanced security features it has. Usually these are features that enable the detection of new ransomware.
* Keep the software on your PC up-to-date. Most widely-used applications (Flash, Java, Chrome, Firefox, Internet Explorer, Microsoft Office) and operating systems (like Windows) have an automatic updates feature. Keep it turned on, and don’t ignore requests from these applications for the installation of updates.
* Keep an eye on files you download from the Internet and receive via email. Especially from untrusted sources. In other words, if what is supposed to be an mp3 file has an .exe extension, it is definitely not a musical track but malware. The best way to be sure that everything is fine with the downloaded content is to make sure it has the right extension and has successfully passed the checks run by the protection solution on your PC.
* If, for some reason your files are encrypted with ransomware and you are asked to pay a ransom, don’t. Every bitcoin transferred to the hands of criminals builds their confidence in the profitability of this kind of cybercrime, which in turn leads to the creation of new ransomware. Many security companies fight ransomware on daily basis and, through cooperation with law enforcement agencies, it is possible they can get the encryption keys for certain families of ransomware, which can eventually lead to decryption of your files. Be sure to report an attack to the police in order to start an investigation.
* Businesses should undertake regular patch management (the act of acquiring, testing, and installing multiple patches (code changes) to an administered computer system).
Adapted from an article by ITonline.com