Huge spike in ransomware infections

Ransomware on a smartphone. (Duncan Alfreds, Fin24)
Ransomware on a smartphone. (Duncan Alfreds, Fin24)

Cape Town – Malicious software designed to extort money from computer and mobile phone users has risen five-fold, new research shows.

Ransomware, also known as crypto-malware infections jumped from 131 111 in the 2015 to 718 536 in 2016, according to data from security firm Kaspersky Lab.

The increase is reflected in the number of all computer users encountering ransomware. In 2015, 3.63% of internet users encountered the malware, but that increased to 4.34% in 2016.

“The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay. That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily,” said Fedor Sinitsyn, senior malware analyst at Kaspersky Lab.

READ: Here's how ransomware hits SA

Typically, the malware is delivered via malicious email links and once activated, it will encrypt user files with pdf, doc, docx, xls, xlsx, ppt, pptx, jpg, jpeg, bmp, tiff, png, mpg, mpeg, avi, 3gp, mp4, m3u, mp3, wav, zip and java extensions among others with a 128 bit key.

Critical tips

Users will usually be prompted to pay in virtual currency to have their files released, with the amount increasing over time.

Kaspersky advised internet users to ensure that they had effective and regular data backups, avoided clicking on malicious links, checked for unauthorised application downloads and kept software updated.

“The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures,” said Sinitsyn.

READ: 10 tips to help you beat ransomware

While anti-virus (AV) software is designed to protect internet users, they are not enough defence for ransomware and advanced persistent threats (APTs), warned Panda Security.

“This is sound advice but does not cut to the core of the problem. Ransomware and APTs are able to bypass conventional AV software and penetrate your network,” said Panda Security.

An expert warned that the lack of national borders made cybercrime easier to conduct.

“The problem with cybercrime is that the crooks aren't really limited by national frontiers - and they aren't limited to specific sorts of crime,” Paul Ducklin, senior technologist at Sophos told Fin24.

He said that application of security-minded strategy could serve to protect you from cyber attacks.

“The same patches that protect you from hacks across the network also help to protect you from the risks of opening infected emails or visiting booby-trapped websites.”

- Follow Duncan on Twitter

Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
I'm not really directly affected
18% - 2005 votes
I am taking a hit, but should be able to recover in the next year
23% - 2621 votes
My finances have been devastated
35% - 3932 votes
It's still too early to know what the full effect will be
25% - 2811 votes