Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Ransomware: The big payoff for cybercriminals in 2016

Nick FitzGerald, Senior Research Fellow, ESET Asia Pacific | March 16, 2016
Over the past year, cybersecurity professionals have been facing more and more cases of ransomware. This type of attack has rapidly gained ground and it seems that there is no end in sight to its growth.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

Over the past year, cybersecurity professionals have been facing more and more cases of ransomware. This type of attack has rapidly gained ground and it seems that there is no end in sight to its growth.

So what is ransomware? Put simply, it is a type of malware that prevents or limits users from accessing their systems or data. Ransomware forces its victims to pay a monetary ransom, usually through anonymous online payment methods, to regain access to their systems or data. There have also been cases where victims have paid up without receiving a recovery key or have otherwise been unable to recover their files.

This type of malware is not new. The first widely known case of ransomware, the 'AIDS Trojan', dates back over 25 years! However, like most cyber threats we see today, ransomware is fast becoming more sophisticated and therefore, more troublesome for both businesses and consumers.

Ransomware has caught the attention of cybersecurity professionals recently due to growth in both the number of victims, as well as the profits that cybercriminals have obtained from this type of malicious campaign. High profile news has similarly made ransomware a larger topic of conversation, including the recent case of the Hollywood Presbyterian Medical Centre in Los Angeles, which was made to pay a ransom of US$17,000 by hackers in order to regain access to its computer systems.

According to recent ESET research, crypto-ransomware detections have been prevalent in regions like Latin America and Europe, but recently there has been a spike in incidences outside of these territories. According to the Internet Organised Crime Threat Assessment 2015 report by Europol, Japan has the second highest global detection rate for ransomware. The country is also one of the top three countries in Asia where European Union law enforcement investigations have identified perpetrators or criminal infrastructure. According to the report, Japan, South Korea and the Philippines are identified as the most prominent countries in East and South East Asia, from which commercial extortion campaigns originate. 

Rapidly mutating threat

Ransomware has evolved over the years and over a period of time this malware has upgraded itself, increasing the number of attacks worldwide. In fact, today we are even seeing some cybercriminals offering this kind of malware as a service.

'Ransomware as a Service' (RaaS), is a worrying trend, with more and more tools being discovered that have been specifically designed to help even the most unsophisticated criminal create this type of malware, regardless of their level of technical expertise. Further still, ransomware has also evolved to target operating systems not only for desktop, but also for mobile. Cases of ransomware have been found to affect mobile devices, especially those running Android, the most popular mobile operating system worldwide. The group behind the Reveton ransomware program, for example, has ported the malware to Android, distributing it through pornography sites where it is disguised as a video player.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.