Skip to main content

Ransomware threat is only getting more dangerous and costly, Symantec report says

A hand on a laptop in a dark surrounding.
Ransomware is increasing dramatically in price and malice, according to the latest report on the nasty malware from Symantec.

Ransomware encrypts your files and demands a fee, usually a few hundred dollars, for their safe return. Cybercriminals are using the tactic against individuals and businesses alike. Cases of the virus have ballooned since last year and, according to Symantec’s Ransomware and Businesses 2016 report, the troubling trend is showing no signs of slowing down.

It found that the average ransomware demand has soared from $294 in late 2015 to $679 currently. Infections are a global phenomenon but the U.S. accounts for 31 percent of cases. The rest of the top 10 is made up of Italy, Japan, the Netherlands, Germany, U.K., Canada, Belgium, India, and Australia.

More and varied strains of ransomware, like the CryptXXX ransomware, whose latest version is even tougher to crack, are being written and unleashed online.

Initial ransomware threats targeted individuals (who still account for more than half of all infections), but Symantec speculated that the trend is shifting more and more toward businesses and organizations that can afford to pay more. The services and manufacturing industries have been hit the most.

There have been several high-profile cases of businesses paying thousands of dollars in ransomware demands. In one case, the University of Calgary paid $20,000 to get its files back. This has led to the creation of a viable business model for cybercriminals to exploit. As long as people are willing to pay, they’ll get infected. It’s been dubbed “ransomware as a service.”

“The perfection of the ransomware business model has created a gold-rush mentality among attackers, as growing numbers seek to cash in. Infection numbers are trending upwards, with the number of new ransomware families discovered annually reaching an all-time high of 100 in 2015,” said the authors of Symantec’s report.

The researchers note that they expect to see cases of ransomware infections move beyond computers and mobile devices as attackers seek to diversify their efforts. They noted the recent discovery of Android malware that was now being used to infect smart TVs. Smartwatches may also be on attackers’ radars.

“One worrying potential target is industrial control systems (ICS). There have already been examples of malware attacks against ICS devices, the most famous of which was Stuxnet,” the researchers added. “Given the recent emergence of targeted ransomware attacks and the potential for disruption that an ICS attack could cause, it may only be a matter of time before attackers shift their attention to this arena.”

Editors' Recommendations