Ransomware attacks against businesses increased threefold in 2016

Ransomware attacks against businesses increased threefold in 2016

The number of ransomware attacks targeting companies increased threefold from January to September, affecting one in every five businesses worldwide.

According to a new report from security company Kaspersky Lab, the rate of ransomware attacks against businesses increased from one every two minutes to one every 40 seconds during that period. For consumers it was even worse, with the rate reaching one attack every 10 seconds in September.

During the third quarter of the year, there were 32,091 new ransomware variations detected by Kaspersky Lab compared to only 2,900 during the first quarter. Overall, 62 new ransomware families appeared this year, the company said.

This shows the interest that cybercriminals have in this type of malware and highlights its continued success, despite actions by law enforcement agencies and free decryption tools released by researchers and security companies.

Kaspersky's research revealed that small and medium-size businesses were hit the hardest, 42 percent of them falling victim to a ransomware attack over the past 12 months. Of those, one in three paid the ransom, but one in five never got their files back, despite paying.

Overall, 67 percent of companies affected by ransomware lost part or all of their corporate data and one in four victims spent several weeks trying to restore access, the Kaspersky researchers said.

The most successful ransomware program this year was CTB-Locker, accounting for 25 percent of all affected users. Next on the list was Locky with 7 percent and TeslaCrypt with 6.5 percent, even though this ransomware family was only active until May.

Ransomware attacks have become more targeted, attackers crafting their spear-phishing and social engineering attacks for specific organizations or industry segments that are more likely to be affected by a lack of data availability.

Employee IT security training remains very important in preventing ransomware attacks. According to Kaspersky, one in five incidents that resulted in significant data loss were caused by employee carelessness or lack of security awareness.

Companies should back up data regularly, use reliable endpoint security solutions, keep the software installed on their systems up to date, restrict access to sensitive data and educate their employees and IT teams about ransomware risks.

In they become victims, companies should check the No More Ransom website set up by security companies to check if there's a decryption tool available that could help them get their files back. They should also report incidents to their local law enforcement immediately, the Kaspersky researchers said.

The security vendor advises companies not to pay the ransom, because this can make them an even bigger target and increases the chance that the next ransom will be higher. It also encourages cybercriminals and might not result in the recovery of the affected files.

IDG Insider


«Samsung to brick remaining Galaxy Note7s through software update


Android device updates: Android 7.1.1 brings a batch of goodies to Google's Pixel and Nexus»
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Will Kotlin overtake Java as the most popular Android programming language in 2018?