Ransomware on the rise, expected to grow in 2013: Symantec

Security vendor sees a growing number of users having their PC infected with malware that demand a ransom

With increasing ransomware activity in Europe, US, and Canada, Symantec expects it to spread to regions such as Australia, as well.

This observation comes the way of a recent whitepaper by the security vendor, titled Ransomware: A Growing Menace, which found limited ransomware activity in Australia, but expects it to grow in 2013.

Symantec Pacific region specialist solutions director, Sean Kopelke, said ransomware itself is nothing new and has been around since 2009, but points out it was not heavily used back then.

“When we look at the cyber crimals, who are more and more monetary driven, malicious malware in the past was created more to annoy us,” he said.

“We’ve seen that move to a monetary focus from the type of malware they are creating.”

A common trick employed has been the fake antivirus scenario, which entails sending a message to the user, making them aware something is wrong with their machine, and then offering to fix that.

“That has been an ongoing problem for all security vendors, though it has been addressed well and the market is starting to understand and identify those types of malware attacks on their system,” Kopelke said.

This shift to ransomware consists of a similar business model, where the hacker sends something to the user and gets them to emotionally react to a scenario quickly, such as a small payment to take care of it.

Kopelke said there are requests for payments as small as $10 to $15, all the way up to the hundreds of dollars.

“They do that by making people feel as if they have to do that as soon as possible,” he said.

One method used for ransomware is to make it look like the messages are being sent by law enforcement.

“We’re seeing scenarios where they are convincing the user that law enforcement has identified the browsing of illicit material online and then locks their device,” Kopelke said.

That is what ends up forcing the action on the user’s end, as the ransomware is able to lock and stop the use of the system.

“The only thing they can do is make a payment to unlock those systems,” Kopelke said.

New world order

In addition to the ransomware observation, Symantec has also made several predictions for the security space for 2013.

For one, Kopelke says there is going to be more activity in the social network space.

“For the last year of two, we have already been seeing some of the scams that are coming into social networks, encouraging people to click on links and follow through to things,” he said.

The way that hackers are generating revenue is by getting users to click through to certain web sites.

“What we’re seeing is a lot of major social network players are now integrating payment methods into their systems, so that is going to raise another target point for hackers to focus on,” Kopelke said.

Symantec expects conflicts between nations, organizations and individuals to predominately take place in the cyber world in 2013, as well as a spike in malware as companies seek to drive mobile ad revenue.

When it comes to security threats, Kopelke said Symantec is a “great believer in following the money.”

“As people start moving more and more to their mobile platform, to using more devices and interacting with Cloud applications, we’re going to see more targeted threats going into those environments,” he said.

“Hackers are going to start exploiting security risks on mobile devices, but also financial and credit information in there, so that whole area of malware focused on the mobile device will continue to be a big shift.”

Join the CSO newsletter!

Error: Please check your email address.

Tags symantecransomwaremalware

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Budmar

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts