In-brief: 2015 was a record year for ransomware, according to Symantec’s latest Internet Security Threat Report. There’s evidence that cyber criminals are coupling ransomware with sophisticated, targeted attacks.
Ransomware has become the scourge du jour in recent months, with high-profile attacks on hospitals, public utilities and even police departments. Now a new report from Symantec offers data to back up the anecdotes about hobbled networks and surreptitious Bitcoin payments to cyber criminal groups.
Symantec’s latest Internet Security Threat Report (ISTR) finds that 2015 was a record year for ransomware, with 100 new families of the malicious software discovered, most of it s0-called ‘crypto ransomware’ which encrypts files on victim computers until ransom is paid.
[Read more Security Ledger coverage of ransomware.]
Attackers are shifting from indiscriminate- to targeted ransomware attacks on specific organizations, increasing the chances of success, while many organizations remain unprepared to block ransomware attacks or deal with the aftermath of infections, Symantec found.
Despite the media’s focus on healthcare organizations, it was the service sector and manufacturing that were the most affected by ransomware in 2015, Symantec found.
Ransoms are up, as well, Symantec found. The average ransom demand has more than doubled and is now US$679, up from $294 at the end of 2015. The company also said 2015 saw a new record in terms of ransom demand, with a threat known as 7ev3n-HONE$T (Trojan.Cryptolocker.AD) requesting a ransom of 13 Bitcoins per computer ($5,083 at the time of discovery in January 2016).
Going forward, Symantec predicts that ransomware as a service offerings will lower the bar for would-be scammers to target victims, while attackers will look to new platforms, like the Internet of Things, in an effort to locate victims.