Ransomware is malicious software that infects a computer, network or data. A computer will either be locked or have the data encrypted, held hostage, and the only way to regain access is by paying a ‘ransom’.
Ransomware has quickly become one of the most prevalent types of cyber-attack and a major threat factor for cyber-security teams. Virus style attacks are nothing new though so why is ransomware such big news?
Looking back at 2016 and 2017 may hold the answers with 2016 being dubbed ‘The year of Ransomware’ and 2017 picking up where it left off. Both years saw unprecedented rises in the number of ransomware attacks taking place and the number of new strains of ransomware being detected.
Ransoms vary in value across strains of ransomware, some strains even tiering values based on the type of system infected. Many ransoms are valued at around £300 however ransoms for thousands and even millions have been reported and paid. As payments are demanded in bitcoin or other crypto-currencies they are untraceable.
Crypto-currencies is a digital currency or medium of exchange which is created and stored electronically in a blockchain. Encryption is used to both create the currency units as well as verify the transfer of funds. Bitcoin is one of the most well-known crypto-currencies.
Learn more about cyber-security and how to combat the effects of cyber-crime with the white paper now. Download here.
Ransomware on the decline
2018 has seen a diminished number of ransomware attacks being reported and there has so far been no global-scale attacks like those seen in previous years. Recent reports have also shown that despite ransomware being one of the costlier cyber threats to deal with, that it is not as worrying as it was 12-months ago.
30% of organisations reported that they had been affected by ransomware compared to 48% in 2017.
In fact, 32% of organisations saw ransomware as a costly problem and 19% admitted to paying a ransom, up from only 3% the previous year. Does this show that organisations are poorly prepared to deal with an attack so are left with little choice than to pay or is it that they see paying as the quickest and possibly easiest way of getting data back?
Email is still the most common way of ransomware attacks being spread and it’s no surprise given the ease. Cyber-criminals can quickly and easily target hundreds if not thousands of users at once and the more people they target the more likely they are to be successful.
What is Crypto-jacking?
With ransomware attacks becoming less common or less successful there is a new cyber-threat that organisations are having to become aware of. The rise in use and value of crypto-currencies has created a new type of attack, a crypto-jacking.
Crypto-jacking is a strain of malware which can silently mine cryptocurrency via an internet connected device, without knowledge or permission of the owner.
Unlike a ransomware strain that makes users aware when the system has become infected, a crypto-jacker will lay silently while active. This type of attack utilises computing power to mine currency so the longer it can remain undetected the more currency can be mined. Crypto-jackers have been discovered in a number of high profile organisations and appeared on the websites of both NHS and the British government; a crypto-jacker strain infected an application plugin used across hundreds of websites to assist with language translation.
Heads or tails, ransomware or crypto-jacker?
Researchers working for Kaspersky Labs have discovered a new strain of malware that combines both ransomware and a crypto-jacker to mine systems. The malware is being spread, like other attacks, using phishing mails with malicious attachments. Upon opening, the attachments will download the malware to a system and begin running tests. The malware will perform a basic check to understand if a system is protected by anti-ransomware technology, if it is then the crypto-jacking element of the strain will install. In addition to both of these threats a worm element that also exists to assist in the spreading of the strain.