Ransomware Criminals Love Australia, Report Claims

Australia is the most targeted nation for ransomware attack, according to a report. Ransomware criminals see Australia as a goldmine.

Trend Micro Incorporated has published its security roundup report, “The Reign of Ransomware,” which found a 172% rise in ransomware as well as US$3 billion in losses because of business email compromise (BEC) scams so far in 2016, & nearly 500 vulnerabilities in a variety of products.

“Ransomware is capable of crippling organisations who face it, and the cyber-criminals spearheading these attacks are creatively evolving on a continuous basis to keep enterprises guessing,” said Dr. Jon Oliver, senior security architect, Trend Micro. “It has dominated the threat landscape so far in 2016, causing losses and immense business disruption across multiple industries. Australian enterprises must adopt multi-layered security solutions to optimally combat these threats that could attempt to penetrate corporate networks at any time.”

“Australian consumers have continued to be targeted with ransomware threats in the first half of this year,” said Tim Falinski, consumer director, Trend Micro Australia and New Zealand. “Consumers should make themselves aware of the threats and ensure all their devices – from smartphones to PCs to connected smart devices – are protected.”

Have a look at the following report findings highlight trends from the first half of 2016:

  • Ransomware attack nearly doubled, with an increase of about 172 percent, in the first half of 2016 compared to 2015, further establishing ransomware as a prevalent as well as pervasive threat. Variants are designed to attack all levels of the network.
  • Both public as well as private sectors fell victim to data breaches in the first half of 2016, including Verizon & Myspace, many hospitals as well as government entities.
  • The Federal Bureau of Investigation (FBI) has listed over 22,000 victims in 2016, with more than US $3 billion in losses.
  • Reduced use of Angler Exploit Kits can be attributed to the arrest of almost 50 cyber criminals.
  • Trend Micro as well as the ZDI has reported several significant browser & kernel vulnerabilities, which were identified during the Pwn2Own competition.

Over 79 new ransomware families were identified in the first half of 2016, which has surpassed the total number of new families found in the year 2015. Both old and new variants caused a total of US $209 million in monetary losses to enterprises. It has also been found that ransomware attacks that were found in the first half of 2016, such as BEC scams, originated from emails 58% of the time.

Angler was found to decrease in use, whereas other EKs, such as Neutrino, filled the void. New vulnerabilities & ransomware were added to keep Exploit Kits updated as well as effective. Unpatched software continued to provide opportunities for attackers to infect networks via Exploit Kits.

“While it’s unfortunate for us, cyber-criminals are resilient and flexible when it comes to altering an attack method each time we find a patch or solution,” said Jon Oliver. “This creates massive problems for enterprises and individuals alike since the threats change as often as solutions are provided. It bodes well for businesses to anticipate being targeted and to prepare accordingly, implementing the latest security solutions, virtual patching and employee education to mitigate risks from all angles.”