It Only Takes $100 to Become a Professional Cybercriminal?
Security tycoon SonicWall just released its 2017 Annual Threat Report, and the ransomware statistics are unlike anything seen in recent years. Ransomware attacks on small and medium-sized businesses reached $638 Million in 2016, a far cry from the $3.8 Million reported in 2015. There was $209 Million in ransom paid in the first quarter of 2016 alone. Ransomware growth was on an upward climb throughout the year, and SonicWall expects the trend to increase in 2017.
The first noted spike in ransomware cases came in March of 2016, when attack attempts shot up from 282,000 to 30 million in the course of one month. By the end of the fourth quarter of 2016, there were 267 Million recorded attack attempts. The drastic increase in attacks was attributed to easier access in the underground market, the extremely low cost of conducting a ransomware attack, the ease of spreading it, and the low risk of being caught or punished.
The rise of ransomware-as-a-service (RaaS) made ransomware significantly easier to obtain and deploy. Attackers no longer have to be sophisticated coders; they are simply a download and malware kit away from being a professional cybercriminal. For as little as $100, even you could become a cybercriminal overnight. And the sad reality is that most RaaS offer their malware for free. According to SonicWall, another factor driving ransomware was the mass adoption of bitcoin. Before this cryptocurrency existed, payments could be tracked.
When you get hit with ransomware, you are faced with an urgent and terrifying decision: “to pay, or not to pay.” In some cases, those who opted to pay were able to negotiate a lower ransom to regain access to their data and systems. In other cases, those who paid the ransom never received access to their data.
The most popular payload for malicious email campaigns in 2016 was the Locky ransomware, which was used in more than 500 Million reported attacks. Locky was most commonly delivered via email as a Microsoft Word document attachment under the guise of an invoice from a vendor requesting payment. When the attachment was opened, the end user would be instructed to enable macros, which would set off a chain reaction leading to the encryption of the user’s files and the demand for ransom.
Although reports of Locky seemed to be lower through January, this probably just means that a newer and more malicious form of ransomware is being developed. Currently, there is one type of anti-virus that uses mathematical algorithms and artificial intelligence to stop ransomware in real time, and NSG has partnered with them. To learn how you can protect your business from ransomware, please contact NSG today via phone or at [email protected]