Huge spike in ransomware infections

Ransomware on a smartphone. (Duncan Alfreds, Fin24)
Ransomware on a smartphone. (Duncan Alfreds, Fin24)

Cape Town – Malicious software designed to extort money from computer and mobile phone users has risen five-fold, new research shows.

Ransomware, also known as crypto-malware infections jumped from 131 111 in the 2015 to 718 536 in 2016, according to data from security firm Kaspersky Lab.

The increase is reflected in the number of all computer users encountering ransomware. In 2015, 3.63% of internet users encountered the malware, but that increased to 4.34% in 2016.

“The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay. That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily,” said Fedor Sinitsyn, senior malware analyst at Kaspersky Lab.

READ: Here's how ransomware hits SA

Typically, the malware is delivered via malicious email links and once activated, it will encrypt user files with pdf, doc, docx, xls, xlsx, ppt, pptx, jpg, jpeg, bmp, tiff, png, mpg, mpeg, avi, 3gp, mp4, m3u, mp3, wav, zip and java extensions among others with a 128 bit key.

Critical tips

Users will usually be prompted to pay in virtual currency to have their files released, with the amount increasing over time.

Kaspersky advised internet users to ensure that they had effective and regular data backups, avoided clicking on malicious links, checked for unauthorised application downloads and kept software updated.

“The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures,” said Sinitsyn.

READ: 10 tips to help you beat ransomware

While anti-virus (AV) software is designed to protect internet users, they are not enough defence for ransomware and advanced persistent threats (APTs), warned Panda Security.

“This is sound advice but does not cut to the core of the problem. Ransomware and APTs are able to bypass conventional AV software and penetrate your network,” said Panda Security.

An expert warned that the lack of national borders made cybercrime easier to conduct.

“The problem with cybercrime is that the crooks aren't really limited by national frontiers - and they aren't limited to specific sorts of crime,” Paul Ducklin, senior technologist at Sophos told Fin24.

He said that application of security-minded strategy could serve to protect you from cyber attacks.

“The same patches that protect you from hacks across the network also help to protect you from the risks of opening infected emails or visiting booby-trapped websites.”

- Follow Duncan on Twitter

Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Do you think it was a good idea for the government to approach the IMF for a $4.3 billion loan to fight Covid-19?
Please select an option Oops! Something went wrong, please try again later.
Yes. We need the money.
11% - 796 votes
It depends on how the funds are used.
74% - 5281 votes
No. We should have gotten the loan elsewhere.
15% - 1045 votes