Although ransomware attacks tapered off near 2017’s end following a dramatic explosion of attacks through 2016 and much of 2017, it remains a major threat to big business, cybersecurity firm F-Secure has revealed.
In a report titled ‘The Changing State of Ransomware’, cybersecurity firm F-Secure has claimed that ransomware has evolved considerably as a threat over 2017. Locky, Cryptolocker and Cerber were all named as prevalent threats during the year, accounting for some 90% of ransomware reports by the end of 2017. A total of 343 unique families and variants of ransomware were classified in 2017, an increase of 62% from 2016.
Meanwhile, WannaCry remained active through the latter half of 2017 with a majority of reports coming from Japan, Malaysia, Columbia, Vietnam, Indonesia and India.
“The most significant is the price of bitcoin. Bitcoin’s value increased considerably in 2017 , fueling speculation in other cryptocurrencies,” explained F-secure security advisor Sean Sullivan. “Cyber criminals are responding to this trend by gravitating toward crypto mining as a way to make money, including by spreading crypto mining malware that covertly steals CPU cycles in order to process cryptocurrencies,” he added, referring to crypto-jacking.
The report also suggests that trends suggesting a decline in ransomware toward the end of 2017 are offset by other evidence suggesting that the use of ransomware will gravitate toward corporate focused attack vectors by targeting organizations through exposed remote desktop protocol (DRP) ports.
“There’s no question that 2017 was a milestone year for ransomware. The raw number of attacks spiked thanks to notorious incidents such as the WannaCry, NotPetya,20 and Bad Rabbit21 outbreaks,” the report added, concluding with:
“A statement from the US White House went as far as calling the NotPetya outbreak “the most destructive and costly cyber-attack in history.”
Image credit: Flickr.
