dark-shadowing

Over 100 New Ransomware Families Discovered Last Year

100 New Ransomware Families

The world in 2016 sees a rapid rise of ransomware attacks that are increasingly targeting specific businesses and entire industries. A report by David Balaban for privacy-pc.com shows that ransomware attacks have occurred virtually on a daily basis in the past year. Moreover, ransomware groups develop attack techniques that use advanced methods applied in cyberespionage attacks. These attacks target specific industries or large organizations that use outdated cyber defense or are open for attacks.

Ransomware Attacks More Industries

According to a Symantec report, called Ransomware and Business, the services industry is most exposed to ransomware with 38 percent of organizational infections. Other industries that experience heavy ransomware attacks are manufacturing with 17 percent of infections followed by finance, insurance and real Estate and public administration that both account for 10 percent of ransomware infections. Nearly one third of all ransomware infections, 28 percent, occurred in the US. Other most attacked countries include Canada, Australia, India, Japan, Italy, the UK, Germany, the Netherlands, and Malaysia.

Another alarming trend is that the average ransom request now stands at $679 more than two-fold the $294 ransom demand at the end of 2015, according to the report. In 2016, some 100 new ransomware families are discovered while some ransomware groups provide ransomware-as-a-service, which greatly increases the availability of advanced attack techniques for virtually every cybercriminal.

Crypto-ransomware Is Most Common

A new trend shows that the shift towards crypto-ransomware continues and in 2016 only one variant of ransomware was not crypto-ransomware. According, to Symantec 80 percent of all ransomware was crypto-ransomware. A decade ago, the most widespread variants of ransomware were misleading applications such as fake antivirus programs that were used by the attackers to cheat the users to pay a fee for fixing non-existing infections or malware.

At a later stage, the locker type of malware replaces fake antivirus apps but is now itself being replaced by crypto-ransomware. Crypto-ransomware uses encryption techniques that are unbreakable in practice and that is why it is considered the most effective type of ransomware.

A report by Gartner also finds that crypto-ransomware is the most used method to demand ransom from organizations worldwide. Since the crypto-ransomware encrypts is attacking files and data storage devices using unbreakable encryption methods, the best passive defense is to back up data on a regular basis and apply all available security patches on time.

Protection Is Mandatory

Endpoint protection platforms can provide acceptable level of security and protection and Gartner states that no single vendor leads in all functional areas. Therefore, selecting a platform that provides journaling and file backup capabilities is a good option for any business that wants to protect itself from encrypting malware. Another advanced method for protection includes malware sandboxing where any suspicious code is first executed in virtual environment to determine whether this is a malicious programming code. Any business should also take into account a vendor’s strategy for protecting workloads in public cloud Infrastructure-as-a-Service as well as what public cloud IaaS providers are supported by the vendor of the endpoint protection platform.

Furthermore, protection should include methods to detect attacks by malware where programming languages like JavaScript, PHP, Powershell, or Python are used. Attackers used these languages to create several new ransomware families in 2016 and each protection should envisage methods to detect such malicious code.

Ransomware is becoming more sophisticated rapidly and no business should take lightly the danger of ransomware attacks. With crypto-ransomware becoming so widespread, each organization should apply all required security measures and select a feasible endpoint protection platform to defend its data.

By Kiril V Kirilov

Kiril Kirilov

Kiril V. Kirilov is covering IT and business and finance topics as a full-time journalist and freelance writer for over two decades. He also deals with all things content strategy and content marketing.

Kiril analyses all business and new technology trends across the tech industry. He is also founder of a content strategy service.

CONTRIBUTORS

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and ...
Two 2017 Trends From A Galaxy Far, Far Away

Two 2017 Trends From A Galaxy Far, Far Away

Reaching For The Stars People who know me know that I’m a huge Star Wars fan. I recently had the ...
Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and ...
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent ...
What is shadow IT?

How to Make the Move to the Cloud Securely

Move to the Cloud Securely The 2016 Enterprise Cloud Computing Survey from IDG offers multiple interesting insights concerning the state ...
AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...

NEWS

VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

New joint, cloud-based security solution combines enforcement of "known good" application behavior with advanced threat detection and automated remediation WALTHAM, ...
The Department of Defense Cloud

Internet Association asks for U.S. net neutrality vote delay

WASHINGTON (Reuters) - The Internet Association, whose more than 40 members include companies like Google and Amazon, urged the Federal ...
U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...