In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses.
The numbers speak for themselves:
- 62 new ransomware families made their appearance.
- There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to 32,091 in July/September.
- Attacks on business increased three-fold between January and the end of September: the difference between an attack every 2 minutes and one every 40 seconds.
- For individuals the rate of increase went from every 20 seconds to every 10 seconds.
- One in five small and medium-sized business who paid the ransom never got their data back. (Kaspersky Security)
A recent survey of 500 businesses revealed that nearly half were brought to a standstill by a ransomware attack within the last 12 months. Ransomware is malware that installs covertly on a victim's computer, executes a crypto-virology attack that adversely affects it, and demands a ransom payment to decrypt it or to not publish it.
During the third quarter of the year, there were 32,091 new ransomware variations detected by Kaspersky Lab compared to only 2,900 during the first quarter. Overall, 62 new ransomware families appeared this year, the company said.
Kaspersky's research revealed that small and medium-size businesses were hit the hardest, 42 percent of them falling victim to a ransomware attack over the past 12 months. Of those, one in three paid the ransom, but one in five never got their files back, despite paying.
Overall, 67 percent of companies affected by ransomware lost part or all of their corporate data and one in four victims spent several weeks trying to restore access, the Kaspersky researchers said.
Ransomware attacks have become more targeted, attackers crafting their spear-phishing and social engineering attacks for specific organizations or industry segments that are more likely to be affected by a lack of data availability.
According to Kaspersky, one in five incidents that resulted in significant data loss were caused by employee carelessness or lack of security awareness.
Some when they infect the PC spreads to servers and backup drives as well.