Ransomware samples have rocketed by 127% over the year from Q2 2014 to Q2 2015, according to McAfee’s recently published threats report. Furthermore, the number of new ransomware samples increased by 58% in Q2, compared to the previous quarter.
New ransomware strains such as CTB-Locker and CryptoWall have been highlighted as the cause of this increase. A growing ‘malware as a service’ market is emerging that makes ransomware attacks available to anyone, with user friendly consoles to instigate attacks.
The report said “Off-the-shelf toolkits for malware, affiliate programs for ransomware, fill-in-the-blank attack-creation programs, and other familiar business offerings have been showing up in the dark web to support faster, simpler and broader distribution of attacks. It now takes very little skill to be a cyber-criminal.”
Even with security protections in place, the lucrative rewards of ransomware means criminals are constantly adapting attacks to bypass protection systems.
Responsible user practises is of course the cybersecurity measure that can be the most difficult to implement company-wide, but it’s an essential line of prevention. This boils down to education about avoiding suspicious emails, attachments and links, and also keeping applications and operating systems updated and patched.
In McAfee’s report, it’s noted that over the past five years a big surprise is the “continued lack of attention—by businesses and consumers alike— to updates, patches, password security, security alerts, default configurations, and other easy but critical ways to secure cyber and physical assets.”
One formidable precaution against ransomware is a disaster recovery plan that utilises cloud backup. If such an attack occurs, by taking the effected device off your network immediately, deleting the encrypted files and downloading clean versions of the files from backup, you will avoid business disruptive data loss.
For more information about this growing threat, see our previous post about how to protect your business from ransomware.
McAfee also reported that the uptake of virtualisation and cloud hosting technology has changed the fundamental aim of many attacks on devices: attackers gain access to devices as a path to where the important data resides, not primarily for the small amount of data on the infiltrated device. Again, with the number of network-connected devices increasing in businesses, the emphasis on responsible user behaviour needs to be reaffirmed.
In addition, although mobile malware infection rates actually declined by 1% for most regions, the growth of this type of malware, demonstrated by the 17% rise in samples in Q2, is still an important trend for businesses. Employees are increasingly using mobile and tablet devices for work and need to be vigilant to these types of threats.