What’s New in the World of Ransomware?
Ransomware, the type of malware that can infect your computers and devices, lock you out of your own files, and demand a ransom to unlock them, is growing rapidly in both incidents and sophistication. In some cases, ransomware is even used as a cover to distract from more serious attacks, so it’s important for everyone to learn what’s new with this persistent threat.
First, it’s clear that these kind of attacks spell success for the malware authors, who have ramped up their distribution. McAfee saw a 59% increase in ransomware in 2017 over the previous year, and a 35% spike in the fourth quarter alone. This is despite the fact that only half of victims who chose to pay the ransom actually recover their files, according to a recent study.
Still, they are clearly profitable for the cybercriminals who usually demand payment in hard-to-trace cryptocurrencies, such as Bitcoin. The fact that cryptocurrencies spiked in value last year, with Bitcoin showing a 10-fold increase alone, is probably another factor. These attacks were estimated to cost victims up to $5 billion globally in 2017, including data loss, downtime and disruption.
What’s more, in order to make money today’s thieves don’t even have to be tech savvy. Ransomware marketplaces have sprouted up online, offering malware strains for any would-be cybercrook, and generating extra profit for the malware authors, who often ask for a cut in the ransom proceeds.
This favorable environment has led to malware innovation. Although computers have been the traditional targets, cybercriminals have recently set their sights on the huge mobile market. Take, for instance, the DoubleLocker malware strain aimed at Android devices. It not only encrypted users’ data, but also changed their PIN codes, locking them out of their devices all together. This malware spread as a phony Adobe Flash Player update.
We have also seen the rise of so-called “pseudo ransomware”, like NotPetya. This malware strain used ransomware as a cover to do even more damage to victims’ data, presumably to cause disruption. Even more concerning was the way it spread— originally planted in accounting software, it could infect other computers without tricking users into downloading it, and evading known ransomware detection. Although this malware displayed a message demanding ransom in Bitcoin, there was no identifying number to track payments and the data was so damaged that there is no way to actually restore files.
Given the growing threats that ransomware and its disruptive variants pose, you need to know what to look out for, and how to protect yourself.
Follow these important tips to steer clear of ransomware:
- Backup your data—The best way to avoid the threat of being locked out of your critical files is to ensure that you always have backup copies of them, preferably in the cloud and on an external hard drive. This way, if you do get a ransomware infection, you can wipe your computer or device free and reinstall your files from backup. This is important not only because it protects your data, but because you are not tempted to reward the malware authors by paying a ransom.Microsoft users, for instance, can opt to use Office 365’s OneDrive Business cloud backup service to recover files. Backups won’t prevent ransomware, but it can mitigate the risks.
- Use security software—Make sure all your computers and devices are protected with comprehensive security software, and keep all of your software up-to-date to safeguard you from the latest ransomware threats.
- Practice Safe Surfing—Be careful where you click. Don’t respond to emails and text messages from people you don’t know, and only download applications from trusted sources. This is important since malware authors often use social engineering to try to get you to install dangerous files.
- Only Use Secure Networks—Avoid using public Wi-Fi networks, since many of them are not secure, and cybercriminals can snoop on your internet usage. Instead, consider installing a VPN, which provides you with a secure connection to the Internet no matter where you go.
- Stay informed—Keep current on the latest threats. This way you know what to look out for. Finally, in the case that you do get a ransomware infection and have not backed up all your files, know that some decryption tools are made available by tech companies to help victims.
More antivirus and malware news?
- Black Hat USA 2023 – Announcements Summary
- Vulnerabilities Found in Emerson SCADA Product Made for Oil and Gas Industry
- Sony attackers also stole certificates to sign malware
- Financial cyberthreats in 2016
- T-Mobile discloses 2nd data breach of 2023, this one leaking account PINs and more
- CPR Deployment
- OT Security Firm Shift5 Adds $33 Million in Funding
- Malicious adware more than doubled last year
- Game Acceleration Module Vulnerability Exposes Netgear Routers to Attacks
- Respond Software Automates SOC Analyst Decisions