Details about the variety of targeted attacks that employ ransomware can be found in the expert study on our Securelist website.<\/p>\n
Cryptomalware has long been a threat not only to end users, but to companies as well. At first, their authors extorted money using mass-mailed Trojans. Then cybercriminals realized that businesses are much more likely than individuals to have valuable information \u2014 and money with which they are ready to part for the sake of business continuity. So they switched from mass mailings to selective ones, and began to spam small and medium-size businesses with false \u201cbills,\u201d letters from the \u201cIRS,\u201d and other misleading documents containing malicious code. And now we have seen the next level \u2014 targeted attacks that employ encrypted malware.<\/p>\n
It wasn\u2019t much of a surprise. This evolution is extremely logical: If you carefully select a victim, examine its infrastructure, and encrypt specific business-critical files, your chances of obtaining a solid ransom increase dramatically. Our analysts long foresaw such a development of ransomware. The surprise is the scale of this phenomenon.<\/p>\n
At this moment, our experts have identified at least eight threat actors competing for the right to extort money from businesses. In some cases, the price of decryption reaches half a million dollars. And their main targets are financial organizations, which have to pay to ensure that their data servers can return to work.<\/p>\n
One of the reasons for such a rapid popularity gain is a code of silence. Victims can be extremely reluctant to report that their confidential data has been encrypted. As a result, before a target campaign becomes known to all software vendors, it will have had enough time to reach a lot of victims. And that is a big problem because not all protective products can detect cryptors by behavior (although ours does).<\/p>\n
Therefore, if you become a victim of encrypting ransomware, you must immediately inform law enforcement about the incident. If you need tips on how to do it, or any other advice on protecting against this sort of threat, visit the No More Ransom<\/a> initiative website. In addition, it makes sense to use expert services<\/a>, which can conduct a full investigation of the incident. A variety of utilities for decrypting data when it\u2019s possible is also available on the NoRansom.kaspersky.com<\/a> website.<\/p>\n Details about the variety of targeted attacks that employ ransomware can be found in the expert study on our Securelist website.<\/p>\nStandard tips for protecting against ransomware<\/h2>\n
\n
![\"Security](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2017\/04\/06020709\/SAS-Banner-KB.png\")
<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"