Huge spike in ransomware infections

Ransomware on a smartphone. (Duncan Alfreds, Fin24)
Ransomware on a smartphone. (Duncan Alfreds, Fin24)

Cape Town – Malicious software designed to extort money from computer and mobile phone users has risen five-fold, new research shows.

Ransomware, also known as crypto-malware infections jumped from 131 111 in the 2015 to 718 536 in 2016, according to data from security firm Kaspersky Lab.

The increase is reflected in the number of all computer users encountering ransomware. In 2015, 3.63% of internet users encountered the malware, but that increased to 4.34% in 2016.

“The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay. That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily,” said Fedor Sinitsyn, senior malware analyst at Kaspersky Lab.

READ: Here's how ransomware hits SA

Typically, the malware is delivered via malicious email links and once activated, it will encrypt user files with pdf, doc, docx, xls, xlsx, ppt, pptx, jpg, jpeg, bmp, tiff, png, mpg, mpeg, avi, 3gp, mp4, m3u, mp3, wav, zip and java extensions among others with a 128 bit key.

Critical tips

Users will usually be prompted to pay in virtual currency to have their files released, with the amount increasing over time.

Kaspersky advised internet users to ensure that they had effective and regular data backups, avoided clicking on malicious links, checked for unauthorised application downloads and kept software updated.

“The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures,” said Sinitsyn.

READ: 10 tips to help you beat ransomware

While anti-virus (AV) software is designed to protect internet users, they are not enough defence for ransomware and advanced persistent threats (APTs), warned Panda Security.

“This is sound advice but does not cut to the core of the problem. Ransomware and APTs are able to bypass conventional AV software and penetrate your network,” said Panda Security.

An expert warned that the lack of national borders made cybercrime easier to conduct.

“The problem with cybercrime is that the crooks aren't really limited by national frontiers - and they aren't limited to specific sorts of crime,” Paul Ducklin, senior technologist at Sophos told Fin24.

He said that application of security-minded strategy could serve to protect you from cyber attacks.

“The same patches that protect you from hacks across the network also help to protect you from the risks of opening infected emails or visiting booby-trapped websites.”

- Follow Duncan on Twitter

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Voting Booth
Facebook is facing a fresh crisis after a former employee turned whistle-blower leaked internal company research . Do you still use Facebook?
Please select an option Oops! Something went wrong, please try again later.
Yes, the benefits outweigh the risk for me
26% - 300 votes
No, I have deleted it
44% - 518 votes
Yes, but I am considering deleting it
30% - 356 votes