Download the PDF
In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses.
The numbers speak for themselves:
62 new ransomware families made their appearance.
There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to 32,091 in July/September.
Attacks on business increased three-fold between January and the end of September: the difference between an attack every 2 minutes and one every 40 seconds.
For individuals the rate of increase went from every 20 seconds to every 10 seconds.
One in five small and medium-sized business who paid the ransom never got their data back.
Kaspersky Security Bulletin 2016.<BR>Story of the year” /><br />
<strong>2016 also saw ransomware grow in sophistication and diversity</strong>, for example: changing tack if it encountered financial software, written in scripting languages, exploiting new infection paths, becoming more targeted, and offering turn-key ransomware-as-a-service solutions to those with fewer skills, resources or time – all through a growing and increasingly efficient underground ecosystem.<br />
<strong>At the same time, 2016 saw the world begin to unite to fight back:</strong><br />
The No More Ransom project was launched in July, bringing togetheal Police, Europol, Intel Security and Kaspersky Lab.<BR><BR>A further 13 organizations joined in October.<BR><BR>Among other things, the collaboration has resulted in a number of free online decryption tools that have so far helped thousands of ransomware victims to recover their data.<br />
<strong>This is just the tip of the iceberg – much remains to be done.<BR><BR>Together we can achieve far more than any of us can on our own.</strong></p>
<p><strong>What is ransomware?</strong><br />
Ransomware comes in two forms.<BR><BR>The most common form of ransomware is the cryptor.<BR><BR>These programs encrypt data on the victim’s device and demand money in return for a promise to restore the data.<BR><BR>Blockers, by contrast, don’t affect the data stored on the device.<BR>Instead, they prevent the victim from accessing the device.<BR><BR>The ransom demand, displayed across the screen, typically masquerades as a notice from a law enforcement agency, reporting that the victim has accessed illegal web content and indicating that they must pay a spot-fine. You can find an overview of both forms of ransomware here.</p>
<p>Ransomware: the main trends & discoveries of 2016</p>
<p>“Most ransomware thrives on an unlikely relationship of trust between the victim and their attacker: that, once payment is received, the ransomed files will be returned.<BR><BR>Cybercriminals have exhibited a surprising semblance of professionalism in fulfilling this promise.”<br />
<strong>GReAT, Threat Predictions for 2017</strong></p>
<p><img src=

Leave a Reply