Ransomware attacks are taking a bigger toll on victims' wallets

Credit to Author: Michael Kan| Date: Thu, 27 Apr 2017 11:26:00 -0700

Hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to $1,077, up from $294 the year before, according to security firm Symantec.

“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report

In addition, the security company has been detecting more ransomware infection attempts. In 2016, the figure jumped 36 percent compared with the prior year.  

That doesn’t bode well for the public. Ransomware is notorious for taking over computers, and essentially holding them hostage. To do so, the malicious coding encrypts all the data inside, and then demands a ransom, usually in bitcoin, in exchange for releasing the machine.

In 2016, consumers made up 69 percent of all ransomware infections, with the remainder targeting enterprises, according to Symantec.

“More and more attackers are now jumping on the ransomware bandwagon and creating new ransomware families or modifying existing ones,” the security firm said.

Helping to fuel the ransomware boom is the digital black market, where hackers can sell ransomware kits for as little as $10 and as much as $1,800, making it easier for other cybercriminals to join in.

Fortunately, ransomware attacks can also be easily dodged. Consumers, for instance, should be wary around email spam, which remains the popular way for hackers to spread ransomware, Symantec said.

Ransomware detections by country in 2016. 

Cybercriminals will often bundle their emails with attachments that can secretly download the ransomware onto a computer, if the emails are opened. “In many cases, the victim would receive a spam email designed to appear like an invoice or receipt from a company,” Symantec said.

Bad actors will also spread ransomware through exploit kits, or automated hacking toolsets, that operate on tampered websites. The kits can work by scanning a victim’s web browser for any unpatched software vulnerabilities and then exploiting them to serve ransomware.

To prevent the infections, users should keep their computer’s software up to date. That includes any publicly facing servers. In one case, hackers spread ransomware to a business by compromising a server through an unpatched vulnerability, Symantec said.

The security firm also advises users to delete any suspicious-looking emails, especially those that contain attachments or any links.

If a company is struck with a ransomware attack, the threat can be lessened if the most important data has been backed up. There are also free tools on the internet that can decrypt certain ransomware infections. 

Symantec’s report found that 34 percent of victims pay the ransom. However, only 47 percent reported getting their files back.

http://www.computerworld.com/category/security/index.rss