2016 State of Ransomware Report: What is Ransomware & How to Prevent It & Other Topics
2016 was a landmark year for cybersecurity. More companies found themselves falling prey to ransomware in 2016 than in years past, a trend that shows no signs of abating anytime soon. These attacks come in many forms, but they essentially hold a database or server hostage until the victim pays the proposed ransom. So, what can companies do to protect themselves from ransomware in 2016 and beyond? Read our 2016 State of Ransomware Report to learn more.
What is Ransomware?
Ransomware is a form of malware that interferes with the standard operation of a database or computer system. The program will either lock the person out of the system or encrypt the files by copying them to a remote database and deleting the local copy.
The malware can be sent through different means, such as email, text messages, and other fraudulent messages. In many cases, the sender will pose as a legitimate company in order to get the target recipient to open the message.
Malware is usually stored as an attachment or link. Once the recipient clicks on the attachment or link, the malware can render the person’s computer system useless. The criminal will then hold the files or system for ransom. They will include detailed instructions on how the money should be paid. Once the victim pays the money, the criminal agrees to remove the malware, thus restoring access to the files. The ransomware may even come with a time limit. If the victim doesn’t pay up before the clock runs out, the files may be destroyed permanently.
Latest Trends in Ransomware 2016:
Ransomware attacks get more advanced with every passing year and 2016 was no exception. Companies are facing more threats than ever before. The number of reported ransomware attacks has increased dramatically over the last few years.
According to the 2015 McAfee Threat Report, there were 725,000 ransomware samples collected by researchers during the first quarter of 2015 alone, marking a 165% increase from the year before. Not only are these threats becoming more common, but they’re also becoming more dangerous as well. Norton’s 2015 Ransomware On The Rise report shows that 68,000 computers were infected during one calendar month, which comes out to around 5,700 infected devices per day.
Here are some of the ways ransomware changed during 2016:
The Rise of Bitcoin
Most cyber criminals prefer to get paid in Bitcoin, a form of cryptocurrency that lives on the blockchain. The victim will need to transfer the money into bitcoin before paying the criminal. Cyber criminals prefer using Bitcoin because each transaction is encrypted, which makes it easy for them to hide their identity. Bitcoin is also unregulated and can be transferred to any server in the world. However, others will ask to be paid in prepaid debit cards or gift cards that are difficult to track.
Victims will often receive instructions on how to set up Bitcoin by adding it to their digital wallet.
The Business of Ransomware
Like traditional companies, cyber criminals appear to be increasingly concerned with their reputations. That’s why many criminals follow through on their promise to release the files once the ransom has been paid. If they refuse to remove the malware, other companies may be less inclined to pay the ransom.
Cyber criminals are also moving upstream by creating toolkits for creating ransomware that other criminals can use to steal money. In exchange for using their services, the criminal will usually take a 20% cut of all ransom generated using the malware.
There are many different types of malware, but criminals are starting to invest in more competent malware programs that inflict more damage on the intended victim. Malware programs such as CryptoLocker, CryptoWall, and TorrentLocker use sophisticated encryption methods to prevent companies from recouping their data without paying the ransom. Hackers can now choose between different programs when mounting an attack.
How to Prevent Ransomware:
Hackers rely on what’s known as the “human element” when spreading ransomware. They will usually spread the malware across hundreds, if not thousands, of individual computers and devices with the hope that someone in the company or organization will accidentally open the file or attachment. Humans can be prone to errors. If the employee doesn’t know what to look for or believes the hacker is who they say they are, they could infect the company’s system with malware by mistake.
According to the IBM Security Services 2014 Cyber Security Intelligence Index, human error accounts for almost 95% of all security incidents – not just ransomware.
That’s why it is important to engage in cyber exposure management and create a robust cybersecurity training program for every employee. Workers should verify email addresses and avoid clicking on attachments that may contain malware.
Additional ransomware prevention tips include:
- Disabling macros for software programs and installing viewers instead, so individuals can view documents without using macros.
- Limit file permissions to limit the number of people with access to these documents.
- Backup files and store them off-site to avoid having to pay the ransom.
- Hire a professional risk assessment company to identify and rank the criticality of your vulnerabilities. This provider should also set up a plan for vulnerability remediation.
Ransomware is here to stay. Download the full report to learn more about ransomware prevention.