Ransomware continues to rise in 2016
Trend report shows 172% increase in new ransomware families in first half of year
Ransomware has increased significantly in the first half of 2016, according to Trend Micro.
The security company said that there has been an increase of 172% in the number of new ransomware families detected this year compared to 2015. Attackers are showing creativity in developing many new variants of ransomware to target all levels of the network, and also in targeting new industries and sectors.
Trend's half-yearly report on security threats identified ransomware as a pervasive and persistent threat, with new ransomware families showing both new propagation and extortion techniques.
In total, 79 new ransomware families were identified in the first six months of the year, which surpasses the total number of new families found in all of 2015. Both new and old variants caused a total of US $209 million in monetary losses to enterprises. Ransomware attacks found in the first half of 2016, like BEC scams, originated from emails 58 percent of the time.
"Ransomware is capable of crippling organisations who face it, and the cybercriminals spearheading these attacks are creatively evolving on a continuous basis to keep enterprises guessing," said Raimund Genes, chief technology officer for Trend Micro. "It has dominated the threat landscape so far in 2016, causing immense losses to businesses across multiple industries. Enterprises must adopt multi-layered security solutions to optimally combat these threats that could attempt to penetrate corporate networks at any time."
Other security issues highlighted by Trend in the report include a rise in Business Email Compromise (BEC) attacks, with over 22,000 companies falling victim over the past few years. BEC attacks typically rely solely on social engineering to fool a company employee by using spoofed email to pretend to be a company executive, and instructing them to wire money to a bank account which they think is the account of a business partner or supplier or similar.
Trend also noted that hackers are utilizing a wider range of exploit kits for attacks, and that they also faced a more diverse environment and more possible lines of attack, with nearly 500 vulnerabilities reported in a variety of products, predominantly in Adobe Flash and IoT products.
"While it's unfortunate for us, cybercriminals are resilient and flexible when it comes to altering an attack method each time we find a patch or solution," said Ed Cabrera, chief cybersecurity officer for Trend Micro. "This creates massive problems for enterprises and individuals alike since the threats change as often as solutions are provided. It bodes well for businesses to anticipate being targeted and to prepare accordingly, implementing the latest security solutions, virtual patching and employee education to mitigate risks from all angles."