As the world keeps its fingers crossed and struggles to tame the ‘WannaCrypt’ attack, the ransomware has emerged as the most dangerous cyber threat in recent months, with global losses now likely running into hundreds of millions of dollars.
It is a type of malicious software that blocks access to data on a connected device, such as a computer, tablet or smartphone, and displays a message requesting payment to unlock it.
It requests payment in Bitcoins, because this crypto-currency cannot be tracked by cyber security researchers or law enforcements agencies. A time is set for paying the ransom. It uses a complex set of evasion techniques to go undetected by traditional antivirus.
According to Norton by Symantec, one of the global leaders in cyber security software, there was a 36% increase in the ransomware attacks in 2016 and the ransomware families have grown three times — from 30 in 2014 to 101 in 2016.
“In 2016, we identified over 100 new malware families released into the wild, more than triple the amount seen previously, and a 36% increase in ransomware attacks worldwide,” Tarun Kaura, Director, Solutions Product Management, Asia Pacific & Japan, Symantec told a news agency.
India alone faces 4% of the total ransomware attacks while the US is most affected, with 34% of the ransomware attacks globally.
India has been ranked fifth in terms of global threat rank by destination, with 3.8% global threat detection. “Over 180 Indian companies were victims of ‘ransomware’ in the first six months of 2016,” said Trend Micro Incorporated, a global leader in security software and solutions.
While most major ransomware groups tend to be indiscriminate in their attacks, consumers are often less likely to have robust security in place, increasing the possibility of falling victim.
“The average ransom demanded globally by attackers also saw an upward spike this year. The average ransom demanded to date in 2016 more than doubled from Rs. 19,670 in 2015 to Rs. 45,428,” a recent Norton by Symantec study highlighted.
‘WannaCrypt’ — the ransomware malware used in Friday’s massive cyber attack — has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows.
Computers which do not have the latest Windows security updates are at the risk of infection.
Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
It has the ability to encrypt all kinds of files, from documents to pictures, videos, audio files and other things you may have on your PC. It can scramble the user’s file names, a trick used to confuse and coerce victims into paying the ransom.
(With inputs from IANS)