Ransomware Hackers Are Getting More Advanced

Hackers using software to block data and then demand money in return are relying on increasingly advanced techniques more commonly seen in cyber-espionage cases, the antivirus company Symantec Corp. said.

While individuals are still the major target of such ransomware attacks, accounting for about 57 percent of recorded victims, infections of businesses and larger organizations are on the rise, spiking in late 2015, Symantec said recently in its annual “Ransomware and Businesses” report. With global losses due to ransomware attacks climbing, perpetrators have a “gold rush” mentality that is fueling new techniques and higher demands for payments.

“A growing number of gangs are beginning to focus on targeted attacks against large organizations,” according to the Mountain View, California-based company. “Although more complex and time-consuming to perform, a successful targeted attack on an organization can potentially infect thousands of computers, causing massive operational disruption and serious damage to revenues and reputation."

Ransomware hackers drew widespread attention earlier this year when they targeted Hollywood Presbyterian Medical Center’s systems in February. The hospital eventually paid 40 Bitcoin, the electronic currency that was worth about $17,000 at the time.

Two other California hospitals were attacked in the spring, leading to concerns that hospitals were becoming the target of choice for hackers, but the Symantec report said health care "does not appear among the most frequently infected sectors." The service industry and manufacturing industry were the targets of 38 and 17 percent of attacks on organizations from January 2015 to April 2016, respectively.

Ransomware attackers can gain access to files through items like an attachment to a spam e-mail or fake advertisement on a website. The attacks have been growing every year, with the FBI receiving more than 2,400 complaints in 2015 for $24 million in losses -- up from more than 1,800 complaints in 2014. With individuals still the primary victims, partly because they are less likely to have strong security software installed on their computers, the average ransom this year through April was $679.

Symantec’s report says that significant strides in file encryption technology is one of the main drivers of growth in the ransomware business. A record number of new strands, or families, of ransomware were detected in 2015 and about 80 percent of them were able to encrypt the files of the affected server.

Microsoft Corp.’s Windows platform is targeted the most, but the first widespread ransomware attack on the Apple Inc. Mac’s OS X software was recorded in March. Mobile phones are not yet widely attacked, the report said.

Information-Management

 

« What Executives Really Should Know About Social Media
Turning Big Data into Smart Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Flashpoint

Flashpoint

Flashpoint is a globally trusted leader in risk intelligence for organizations that demand the fastest, most comprehensive coverage of threatening activity on the internet.

Crossword Cybersecurity

Crossword Cybersecurity

We work with research intensive European university partners to identify promising cyber security intellectual property from research that meets emerging real-world challenges.

Red Balloon Security (RBS)

Red Balloon Security (RBS)

Red Balloon Security is a leading embedded device security company, delivering deep host-based defense for all devices.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

Bitbone

Bitbone

Bitbone develop IT infrastructure and IT security solutions that create long-term value.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

Metmox

Metmox

Metmox mission is to be trusted advisor and partner to protect our customer’s evolving Cloud, Network, Application, IT infrastructure and cybersecurity needs.

Nullify

Nullify

Nullify is your automated security sentry that continuously finds and fixes security issues across your codebase.