5 Ways Ransomware Will Evolve In 2017 – StorageCraft IT News
A recent IBM X-Force study shows that %70 of businesses infected with ransomware paid to get access to their data. The same source states that one in two business executives surveyed have experienced ransomware attacks in the workplace. One in two executives say they paid over $10,000 to get their data back, and 20 percent paid over $40,000. With ransomware being so profitable, there is no doubt it will continue to be a threat in 2017, shows a report from security firm MalwareBytes.
They Go Big: Medium Sized Businesses are TargetedThe IBM study also showed how ransomware cybercriminals are starting to aim for the big fish. Only 29% of small businesses surveyed have experience with ransomware attacks, compared to 57% of medium size businesses. According to IBM, end-users will also fork up Bitcoin to get their data back, but not as much as businesses. Fifty percent of end users said they paid money when hit with ransomware. That’s not to say end users are not a target – but it looks like cybercriminals are becoming more savvy in terms of marketing. The study showed the ransom goes up to $500 or more, depending on the victim and the time they wait before paying.
Ransomware Evolution Maximizes ProfitNew ransomware strains are emerging by the thousands each day. There are so many, that it’s hard for security experts to keep up with removal methods. Ransomware models are also adapting to the market and becoming more income-oriented. In December last year, security firm Cyber X showed that KillDisk, a type of ransomware that deleted data off a victim’s computer, now encrypts it instead. Creators figured out there’s no money if the data is gone! So instead of removing information permanently, cybercriminals now leave a glimpse of hope to the victim. This in turn, increases the chances that they can get the ransom amount in Bitcoin. This new adaptation shows that the models are designed specifically to maximize profit.
Social Engineering Scams Introduce MalwareWe know that some social engineering scams are being used to gain access to important data in companies. But the tactics are becoming more aggressive and sophisticated by the minute. In the UK, the “ActionFraud” Center has issued an alert to educational institutes. They warned that cyber-criminals cold-calling British schools and tricking staffers into installing ransomware on the school’s computers. Another warning comes from The Independent, that warns an incredibly clever phishing tactic is rampant. Cybercriminals are sending PDF attachments that open up as Google-like pages in the browser window to anyone who is unlucky enough to click on the message. The design of the page looks stunningly like the real thing:
More than ever, it is vital to have educated and risk-averse employees.