The numbers of personal computer and mobile users who have been bombarded with ransomware malware have skyrocketed in the recent time according to the latest report by Kaspersky. The figures are alarming and the report reveals the increasing penetration of this malicious malware inside the smartphones.
What the hell is Ransomware? It’s a malware that sedates the device, locks it, blocks access to some or all the features or data of a device. In turn, to allow the access, the malware asks you to pay the ransom through online currency like bitcoin etc. The ransomware is spreading like a wildfire and it’s unlikely that this malware will see death anytime soon.
Ransomware is raining like cats and dogs on a number of devices, between April 2015 and March 2016 the number of users’ who were affected by this malicious malware increased by a whopping 17% affecting 2.3 million users compared to the 1.9 million users last year.
The malicious Cryptors (modern ransomware) saw a surge of 25% points among the users who encountered ransomware. In 2014-15 the figure craved at 6.6% which rose to 31.6% in 2015-16. The number of users affected by Cryptors is increased by 5.5x from 131,111 in 2014-15 to 718,536 in 2015-16.
The number of users who were attacked by Win-lockers, another malware that locks Windows-powered PCs, saw a decline from 1,836,673 in 2014-15 to 1,597,395 in 2015-16 registering a 13.03% decline. On the other hand, mobile ransomware saw a 4X surge affecting 35,413 users in 2014-15 to 136,532 users in 2015-16.
A majority of ransomware attackers targeted PCs, but cybercriminals are also looking for new avenues like smartphones as the PC and laptop sales are declining. As compared to 275.8 million PCs that were shipped in 2015 the number of shipments in 2016 is estimated to decline to 255.6 million units, 7.3% YoY decline.
There are multiple attacks by Cyber criminals in the past as well affecting millions of PC and mobile users. Lately, a malware program named Accessibility Clickjacking infected a mammoth 500 million Android devices. The malware altered users’ smartphone accessibility settings to take control of the device.
Companies are leaving no stone unturned to make their device ecosystem safe to use. Google recently increased its reward amounts for the ones who can effectively point out the vulnerabilities in its Android OS.
Ransomware Malware: Affected PC users Segments
The main targets of ransomware were the household users registering 93.20% of the total affected ransomware users in 2014-15. However, the number saw a decline of 86.8% in 2015-16.
Interestingly, the number of ransomware affected corporate users increased by 5.86 times from 27 thousand in 2014-15 to a huge 158.6 thousand in 2015-16.
The major malware of Crypto-ransomware type in 2015-16 are Teslacrypt dominating with 48.81% share of total users attacks followed by CTB-Locker with 21.61%. Whereas, in 2014-15 the category was dominated by CryptoWall affecting 58.84% of ransomware users followed by others malware. According to Kaspersky, the decrement of others category in 2015-16 may be due to increasing in criminal-to-criminal interaction as the criminals relied on off-the-shelf and ready to use malware.
Worst hit countries- PC ransomware
The top hit countries by ransomware in 2014-15 are Kazakhstan with 6.99% of users who encounter malware were attacked by ransomware, Algeria (6.23%), Ukraine (5.87%) etc. India also features in the list at the 7th spot with 3.77% of affected users.
India has emerged as the worst hit country in terms of growing effects of such malware as we can see in the table below. India registered 126.18% YoY increase in the number of users who were hit by ransomware followed by Brazil with 60.46% increase. Whereas, Russian Federation recorded a 54.33% YoY surge in the number affected users.
In India the cyber laws are obsolete and frequently hackers target Indian Government websites. Recently, Indian Railways catering wing IRCTC website was hacked and data credentials of around 10 million customers were reportedly stolen.
The percentage of encrypted ransomware affected users is horrifying as they are delving quite deep into the device ecosystem and are increasing. There is a double-digit increase in the number of ransomware affected users affected users in the current scenario.
Malware Attacks on Android: 400% Increase
There is a steep rise in the number of ransomware attacks on Android devices as well. 35,413 users were affected by this malware in 2014-15 and the numbers surged to 136,532 users in 2015-16 registering around 400% surge. The countries affected by mobile ransomware are quite similar to its PC counterpart. The United States was the top hit country in 2014-15 and Germany in 2015-16.
Countries like US and Germany offer seamless online payment options thus making the task easier for the cyber criminals. After all, money is the prime driver of all illegal acts.
Smartphones are the main drivers of the future. It is estimated that by 2020, worldwide, there would be 6.1 billion smartphone users and Android will apparently enjoy a lion’s share of the market. Thus Android smartphone poses a big opportunity for cyber criminals as well.
Ransomware named Small affected a fair share, around 69.11%, of Android devices in 2014-15 whereas, in 2015-16, Fusob has emerged the biggest threat as 56.25% of the Android devices are found affected with this malware alone.
According to the report, the prime objective of ransomware affecting the Android devices is to lock the screen of the device. However, the chances of crypto-ransomware attacking mobile devices anytime soon are minuscule.
How and why Ransomware Dangerous?
It all started in Russia in 2010 when the first real ransomware affected thousands of households. After the matter was resolved, 500 million rubles ($13.92 million) worth of illegal income was recovered from the criminal group. Interestingly, the creation of such malware that can hamper the desktop isn’t a complicated task; it requires minimal programming skills and some too.
Later, encryption based ransomware became a nightmare for thousands of users as its effects were not fully reversible, unlike Blocker ransomware. The encryption based ransomware proved to be a nightmare for authorities as it required a special skill set to decrypt the data, making it gain immense popularity among the cyber criminals.
When can we control this malware?
In the future, ransomware may bombard the futuristic device segments as well, likes of wearable device, smart TVs, etc. as the malware has gradually evolved from PC to mobile platform. In turn, a number of innovations and technologies would be developed to counter such unwanted attacks. But, as the old saying goes, prevention is better than cure, therefore a user must be aware of any possible security breach before accessing a file/website/external device from an unknown source. It is advisable that if the device gets infected users must approach cyber police and don’t fall prey to attackers or hackers by paying ransom in any form.