In 2017, 26.2% those targeted by ransomware were business users, compared to 22.6% in 2016. This is due in part to three unprecedented attacks targeting corporate networks that changed forever the landscape for this increasingly virulent threat, according to Kaspersky Lab.
2017 will be remembered as the year the ransomware threat suddenly and spectacularly evolved with advanced threat actors targeting businesses the world over with a series of destructive worm-powered attacks whose ultimate goal remains a mystery. These attacks included WannaCry on May 12, ExPetr on June 27, and BadRabbit in late October. They all used exploits designed to compromise corporate networks. Businesses were also targeted by other ransomware and the company prevented ransomware infections on over 240,000 corporate users overall.
“The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down. Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems are not surprisingly also on the rise,” said Fedor Sinitsyn, Senior Malware Analyst, Kaspersky Lab.
Fortunately, the No More Ransom initiative, launched in July 2016 is thriving. The project brings together law enforcement and security vendors to track down and disrupt the big ransomware families, helping individuals to get their data back and undermining the criminals’ lucrative business model.
All Kaspersky Lab products protect users from ransomware. The company’s products also include a layer of technology: System Watcher that can block and roll back malicious changes made on a device, such as the encryption of files or blocked access to the monitor. Further, a free anti-ransomware tool is available for all businesses, regardless of which brand of security software they use.
The full text of the Story of the Year 2017: Ransomware’s new menace is available here.
The report forms part of the annual Kaspersky Security Bulletin. Other sections of the bulletin include the Threat Predictions for 2018 published on 15 November and available here, and the annual Review and Statistics, available in December.