The company’s ransomware report, which tracked the state of ransomware between 2014 and 2016 ,found one particular standout figure. Between April 2015 and March 2016, 718,536 people were infected with crypto-ransomware, where their files are encrypted and held hostage in exchange for a ransom paid in bitcoin.
That’s 5.5 times more than the figures from 2014 to 2015. There were 131,111 cases of crypto-ransomware in that time period. Kaspersky Lab went on to describe the number of infections as an “epidemic”.
Countries affected most frequently by infections were the U.S., Germany, and Italy. We’ve seen many high-profile ransomware infections in the U.S. over the last several months, from hospitals to small businesses to churches, while in Germany a number of hospitals’ networks were encrypted earlier this year by cybercriminals on the hunt for cash.
There are several strains of ransomware out there that can infect users, with new versions regularly springing up. But some of the classic examples remain the most common and effective, according to the report, with Cryptowall accounting for a sizeable 58.84 percent of crypto-ransomware.
The likes of TorrentLocker and CTB-Locker have all been well covered by tech media but they only make up 1.25 percent and 1.60 percent of infections, respectively, with dozens of others making up the rest of the pie in small percentages each.
More and more people are paying up, too, even on an individual basis, where cybercriminals are more likely to get just a couple of hundred dollars from a victim that hasn’t kept regular backups. Business targets tend to see higher ransom demands.
This willingness to pay has created a booming underground ecosystem for ransomware, explained Fedor Sinitsyn, senior malware analyst at Kaspersky Lab, and this success rate has emboldened more people to get involved and make some money.
Maintaining backups and educating users and employees to the cybersecurity risks they face every day is the most effective strategy to combat crypto-ransomware, he added.
“The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures,” he said.
