The ransomware ecosystem is maturing. Strains are divided into “families” and the number of new families that have been discovered in 2017 is half what it was in 2016. Even so, the total number of attacks targeting businesses have risen by 26 percent over last year’s totals, according to the latest statistics released by Kaspersky Lab.
Rather than inventing wholly new software strains, hackers around the world seem content to modify existing strains, with the number of modifications growing from 54,000 to an astonishing 96,000 this year.
The modifications are having impacts that extend far beyond simply allowing them to slip past a company’s defenses. Last year, 29 percent of companies impacted by a ransomware attack claimed that the incident took a week or longer to recover from. This year, that percentage rose to 34 percent.
According to one of Kaspersky’s senior malware analysts, Fedor Sinitsyn, “The headline attacks of 2017 are an extreme example of growing criminal interest in corporate target. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down.
Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems, are not surprisingly on the rise.”
In addition to the total number of such attacks increasing, we’ve seen several large-scale attacks this year, and there’s no reason to believe that we won’t see more of that in the months and years ahead.
This represents a fundamental shift in strategy as compared to years past and is a clear indication that hacking groups around the world are increasingly coordinating their efforts and learning from one another. That’s bad news for IT security professionals everywhere.