Ransomware Hackers Are Getting More Advanced

Hackers using software to block data and then demand money in return are relying on increasingly advanced techniques more commonly seen in cyber-espionage cases, the antivirus company Symantec Corp. said.

While individuals are still the major target of such ransomware attacks, accounting for about 57 percent of recorded victims, infections of businesses and larger organizations are on the rise, spiking in late 2015, Symantec said recently in its annual “Ransomware and Businesses” report. With global losses due to ransomware attacks climbing, perpetrators have a “gold rush” mentality that is fueling new techniques and higher demands for payments.

“A growing number of gangs are beginning to focus on targeted attacks against large organizations,” according to the Mountain View, California-based company. “Although more complex and time-consuming to perform, a successful targeted attack on an organization can potentially infect thousands of computers, causing massive operational disruption and serious damage to revenues and reputation."

Ransomware hackers drew widespread attention earlier this year when they targeted Hollywood Presbyterian Medical Center’s systems in February. The hospital eventually paid 40 Bitcoin, the electronic currency that was worth about $17,000 at the time.

Two other California hospitals were attacked in the spring, leading to concerns that hospitals were becoming the target of choice for hackers, but the Symantec report said health care "does not appear among the most frequently infected sectors." The service industry and manufacturing industry were the targets of 38 and 17 percent of attacks on organizations from January 2015 to April 2016, respectively.

Ransomware attackers can gain access to files through items like an attachment to a spam e-mail or fake advertisement on a website. The attacks have been growing every year, with the FBI receiving more than 2,400 complaints in 2015 for $24 million in losses -- up from more than 1,800 complaints in 2014. With individuals still the primary victims, partly because they are less likely to have strong security software installed on their computers, the average ransom this year through April was $679.

Symantec’s report says that significant strides in file encryption technology is one of the main drivers of growth in the ransomware business. A record number of new strands, or families, of ransomware were detected in 2015 and about 80 percent of them were able to encrypt the files of the affected server.

Microsoft Corp.’s Windows platform is targeted the most, but the first widespread ransomware attack on the Apple Inc. Mac’s OS X software was recorded in March. Mobile phones are not yet widely attacked, the report said.

Information-Management

 

« What Executives Really Should Know About Social Media
Turning Big Data into Smart Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IEEE Computer Society

IEEE Computer Society

The IEEE Computer Society is the world's leading membership organization dedicated to computer science and technology.

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

NRI Secure Technologies

NRI Secure Technologies

NRI SecureTechnologies is a Cybersecurity group company of the Nomura Research Institute (NRI) and a global provider of next-generation Managed Security Services and Security Consulting.

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

CipherBlade

CipherBlade

CipherBlade specializes in blockchain forensics, data science and transaction tracking.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

Nucleus Security

Nucleus Security

Nucleus is a leading Vulnerability Management platform for Large Enterprises, MSPs/MSSPs, and Application Security Teams that want more from their vulnerability management tools.

Forever Group

Forever Group

Forever Group is a Managed Services Provider specialising in Telecommunications, IT Support, and Cyber Security.

Pragma Strategy

Pragma Strategy

Pragma is a CREST approved global provider of cybersecurity solutions. We help organisations strengthen cyber resilience and safeguard valuable information assets with a pragmatic approach.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Logically.ai

Logically.ai

Logically combines artificial intelligence with expert analysts to tackle harmful and manipulative content at speed and scale.

63 Moons Technologies (63MT)

63 Moons Technologies (63MT)

63 Moons Technologies is a world leader in providing next-generation technology ventures, innovations, platforms, and solutions.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.

Argantic

Argantic

Argantic aims to help organisations thrive and reach their full potential in a modern cloud-centric era.