Kaspersky: Ransomware that encrypts is booming

Android mobile ransomware is on the rise, too

Over the past year the number of machines hit by ransomware that encrypts all or part of the hard drive is five-and-a-half times what it was the year before, according to Kaspersky Lab.

The number in 2014-2015 was 131,111 compared to 718,536 in 2015-2016, according to the company’s report Ransomware in 2014-2016.

+ ALSO ON NETWORK WORLD: Finally reason to hope in fight against ransomware | 5 things to know about ransomware +

Those numbers are just some of the statistics gathered by Kaspersky Security Network, which collects anonymized statistics from its customers who opt in to sharing data gathered by Kaspersky gear in their networks. They show in a number of ways that ransomware, particularly cryptor ransomware, is on the rise.

For example, there was a significant percentage increase in cryptor ransomware from 6.6% to 31.6%, the report says. Those users encountering any kind of ransomware also rose significantly between April 2015 and March 2106, from 1.97 million to 2.3 million, a bump of 17.7%.

At the same time, Win-Locker ransomware – the kind that ties up use of a machine by blocking the screen – dropped 13.03%, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016, Kaspersky says.

Use of cryptors had been growing steadily but slowly until last November when it made a four-fold spike that dropped down again in February. But it’s been on a steep increase since, reaching the same levels as the earlier spike as of the end of March, Kaspersky says.

The results showed that the incidents of any kind of ransomware infection rose as a percentage of all malware attacks from 3.63% in 2014-2015 to 4.34% in 2015-2016.

Attackers behind the production of ransomware are focusing more now on mobile devices than before, the report says, given that the number of users attacked with mobile ransomware grew almost four times from 35,413 users in 2014-2015 to 136,532 users in 2015-2016. That was measured by stats gathered from Kaspersky customers using its Android protection software.

+ RELATED: 11 ways to fight off ransomware +

“Mobile ransomware merged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone,” the report says. These include smart watches and smart TVs, and entertainment systems in homes and cars. “There are a few proof-of concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time.”

Two families of mobile ransomware, Fusob and Small, account for 93.5% of attacks in the latest period, according to the report.

Kaspersky says curbing malware will only happen if law enforcement catches and successfully prosecutes the attackers to deter others from entering the business.

Contributing to the ransomware boom are readily accessible ransomware kits that don’t take a lot of technical expertise to use, Kaspersky says.

Join the CSO newsletter!

Error: Please check your email address.

Tags kasperskyransomeware attackers

More about Kaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place