Ransomware Boomed in 2016
All rights reserved: Les Echos – Anaëlle Grondin /Worldcrunch
2017 will see the rise of ransomware attacks on mobile and connected devices, cyber security experts have warned.
Cyber security experts had warned us: 2016 was to be the year of ransomware. And unfortunately, they were right. These extortion programs, which lock up a computer’s data and ask its user for a ransom payment, have never been so widespread and diversified.
According to a Kaspersky Lab report published in early December, there were “more than 62 new families of ransomware introduced” in 2016. McAfee Labs meanwhile found an even more impressive figure: Its researchers detected 1.3 million new ransomware in the second quarter of 2016 alone — “the highest ever recorded since McAfee Labs began tracking this type of threat,” according to Intel Security, which acquired the antivirus company in 2010 for $7.68 billion.
Tempted by how easy it is to make money out of stolen information, attackers continue to take advantage of the users’ lack of vigilance. Ransomware victims generally click on an unknown link or open an infected attachment; most of the time, they haven’t backed up their data, which suddenly becomes inaccessible. The hackers then demand a sum of money to restore access — some have turned it into a real business.
Individuals aren’t the only ones who fall into the trap. Companies are more and more often targeted by hackers. In the first quarter of 2016, a ransomware attack on a company happened every two minutes. In the third quarter, it was one every 40 seconds, according to Kaspersky Lab.
“These past two or three years, criminals realized they could make a lot of money that way,” says David Emm, one of the authors of the Kaspersky Lab report. About $300 on average, with millions of such attacks taking place. In some cases, the loot can be a lot higher: In early 2016, a Californian hospital to which hackers were asking $3.4 million, eventually paid up part of this ransom — $17,000 in bitcoins. In 2015, the FBI received 2,400 ransomware-related complaints, for an estimated $24 million in total.
Fabien Rech, regional director of Intel Security for France, also sees the rise of Bitcoin as one of the reasons behind the recent boom in ransomware — although the cryptocurrency was created in the 1990s. Bitcoin, he says, “makes it possible to demand ransoms without leaving traces.” Not to mention the existence of tools on the so-called “dark web” that allow ransomware and money extortion to spread. The users who offer such softwares to third parties can even take a commission on paid ransoms, establishing yet another way of using those threats for financial gain.
“People who have no knowledge whatsoever about hacking can purchase ready-to-use ransomware,” David Emm says. As a consequence, he expects more and more people to just cash the money without restoring their victims’ access to their data, because they won’t necessarily have the required encryption and decryption skills to do so.
Still, Intel Security foresees a decline in the number and efficiency of these threats, from the second half of 2017 on. Small-scale initiatives, the company believes, should decrease against the security sector’s joint efforts (for instance, with the No More Ransom project, which helps victims recover their data without having to pay the hackers), the deployment of anti-ransomware technology and the dismantling of cyber-extortion networks.
The general public shouldn’t, however, lower its guard, as ransomware will likely continue to grow on mobile. According to Intel Security, cyber criminals will combine locking up mobile devices with other forms of attack, such as identity theft, in order to gain access to bank accounts and credit cards.
Fabien Rech also mentions potential attacks on other fronts. “Hackers are ingenious people. ‘Drone-jacking’, for example, could rise and become the next big thing,” he says. This makes the question of security surrounding connected objects all the more crucial. While the Internet of Things is poised to become the center of our daily lives, the constant discovery of new vulnerabilities is all the more unsettling.